Change log for EXTRAHOP

Date Changes
2024-11-26 Enhancement:
- If "events.vulnerability.severity" equals "medium", then map "MEDIUM" to "security_result.severity".
- Mapped "events.vulnerability.description" to "metadata.description".
2024-10-28 Enhancement:
- Added support to handle SYSLOG+JSON logs.
2023-10-27 Enhancement:
- Added JSON block to parse unparsed JSON logs.
- Reduced the percentage of events with "metadata.event_type" set to "GENERIC_EVENT" to 0.
2022-12-15 Enhancement:
- Mapped the field 'macaddr' to 'principal.mac'.
- Mapped the field 'ipaddr' to 'principal.ip'.
- Mapped the field 'object_name' to 'target.resource.name'.
- Mapped the field 'object_type' to 'target.resource.resource_type'.
- Mapped the field 'object_id' to 'target.resource.product_object_id'.
- Mapped the field 'event_id' to 'metadata.product_event_type'.
- Mapped the field 'operation' to 'metadata.product_event_type'.
- Mapped the field 'user' to 'principal.user.userid'.
- Mapped the field 'facility' to 'principal.resource.resource_subtype'.
- Mapped the field 'src_ip' to 'principal.ip'.
- Mapped the field 'summary' to 'security_result.summary'.
- Mapped the field 'name' to 'metadata.description'.
- Mapped the field 'severity' to 'security_result.severity_details'.
- Mapped the field 'priority' to 'security_result.severity' and 'security_result.severity_details'.
- Mapped the field 'alert_name' to 'security_result.summary'.
2022-06-30 Enhancement:
- Mapped "detectionID" to "security_result.rule_labels".
- When "product_event_type" is equal to "Unsafe LDAP Authentication", mapped "event_type" to "STATUS_UPDATE".
- Mapped "prin_url" to "principal.url".
- Mapped "desc" to "metadata.description".
2022-05-18 Enhancement - The newly ingested logs have been parsed and mapped to the following fields:
- 'RDP Record.clientName' mapping changed to 'principal.hostname' from 'principal.user.userid'.
- 'RDP Record.cookie' mapped to 'principal.user.userid'.
- 'eh_event' mapping changed to 'network.application_protocol' from 'metadata.product_event_type'.
2022-05-10 Enhancement - The newly ingested logs have been parsed and mapped to the following fields:
- 'server_ip' mapped to 'target.ip'.
- 'RDP Record.proto' mapped to 'network.ip_protocol'.
- 'RDP Record.clientPort' mapped to 'principal.port'.
- 'RDP Record.clientName' mapped to 'principal.user.userid'.
- 'RDP Record.clientBytes' mapped to 'network.sent_bytes'.
- 'RDP Record.serverBytes' mapped to 'network.received_bytes'.
- 'RDP Record.clientBuild' mapped to 'metadata.product_version'.
- 'RDP Record.selectedProtocol' mapped to 'security_result.description'.
- 'eh_event' mapped to 'metadata.product_event_type'.