Change log for CISCO_FIRESIGHT

Date Changes
2024-11-28 Enhancement:
- Mapped "app" field to "metadata.product_event_type".
- Mapped "ApplicationProtocol" to "network.application_protocol".
2024-06-25 Enhancement:
- Added a Grok pattern to parse the new format logs.
- If value of the field "sec_severity" is similar to "error", then set the value of the field "security_result.severity" to "ERROR".
- Mapped "sec_desc" to "sec_result.description".
- Mapped "app" to "principal.application".
- Mapped "summary" to "sec_result.summary".
2024-06-05 Enhancement:
- Parsed unparsed syslogs by adding a new Grok pattern.
2024-05-22 Enhancement:
- Added a Grok pattern to parse dropped logs.
- Mapped "product" to "vulnerabilities.vendor".
- Mapped "descript" to "vulnerabilities.description".
- Mapped "severity_detail" to "vulnerabilities.severity_details".
- Mapped "inter" to "intermediary.hostname".
- Mapped "eventId" to "metadata.product_event_type".
- Mapped "DeviceUUID" to "metadata.product_log_id".
- Mapped "InstanceID" to "target.asset_id".
- Mapped "ApplicationProtocol" to "network.application_protocol".
- Mapped "SrcIP" to "principal.ip" and "principal.asset.ip".
- Mapped "DstIP" to "target.ip" and "target.asset.ip".
- Mapped "SrcPort" to "principal.port".
- Mapped "DstPort" to "target.port".
- Mapped "Protocol" to "network.ip_protocol".
- Mapped "InitiatorPackets" to "network.sent_packets".
- Mapped "ResponderPackets" to "network.received_packets".
- Mapped "InitiatorBytes" to "network.sent_bytes".
- Mapped "ResponderBytes" to "network.received_bytes".
- Mapped "URL" to "target.url".
- Mapped "AccessControlRuleName" to "security_result.rule_name".
- Mapped "ConnectionID" to "security_result.about.resource.attribute.labels".
- Mapped "FirstPacketSecond" to "security_result.about.resource.attribute.labels".
- Mapped "EventPriority" to "security_result.severity".
- Mapped "WebApplication", "URLReputation", "EgressInterface", "IngressInterface", "ACPolicy", and "NAPPolicy" to "additional.fields".
- Mapped "AccessControlRuleAction" to "security_result.action".
2024-04-29 Enhancement:
- Added support to handle new format of ingested logs.
2023-09-21 Enhancement:
- Mapped "proto_type" to "network.ip_protocol".
- Added validation checks before mapping "entry.agent.type".
- Removed repetitive code for "recordTypeCategory" and mapped "recordTypeCategory to "metadata.product_event_type".
- Mapped "severity_code to "security_result.severity".
- Mapped "service_type", "syslog_facility_code", "syslog_priority" to "additional.fields".
- Mapped "entry_msg" to "metadata.description".
2022-10-01 Enhancement:
- Migrated customer specific to default parser.