Change log for FIREEYE_ETP

Date Changes
2024-08-14 Enhancement:
- Added Grok pattern for a new pattern of JSON logs.
- Mapped "type", "InternalId", "attributes.acceptedDateTime", "attributes.lastModifiedDateTime", "attributes.senderSMTP", "attributes.status", and "attributes.urlDomains" to "additional.fields".
- Mapped "attributes.countryCode" to "principal.location.country_or_region".
- Mapped "attributes.senderIP" to "principal.ip".
- Mapped "attributes.recipientSMTP" to "network.email.to".
- Mapped "attributes.senderHeader" to "network.email.from".
- Mapped "attributes.subject" to "network.email.subject".
- Mapped "attributes.domain" to "network.dns_domain".
2024-08-08 Enhancement:
- Added a new Grok pattern to parse unparsed SYSLOG logs.
2024-03-07 Enhancement:
- Mapped "alert.attributes.alert.malware_md5" to "about.file.md5".
2024-01-30 Enhancement:
- Added support for new pattern of JSON logs.
- Mapped "id", "alert.explanation.analysis","alert.explanation.malware_os_analysis","email.dod_report_id" and "email.status" to "security_result.detection_fields".
- Mapped "alert.malware_md5" to "about.file.md5".
- Mapped "alert.sha256" to "about.file.sha256".
- Mapped "email.attachment" to "about.file.full_path".
- When "email.attachment" is valid URL, then mapped it to "about.url".
- Mapped "alert.severity" to "security_result.severity".
- Mapped "email.smtp.mail_from" to "network.email.from".
- Mapped "email.smtp.recipients" to "network.email.to".
- Mapped "email.headers.subject" to "network.email.subject".
- Mapped "email.source_ip" to "principal.ip" and "principal.asset_ip".
- Mapped "alert.explanation.malware_detected.malware.threat_type" to "security_result.category".
- Mapped "alert.explanation.malware_detected.malware.trace_iden" to "security_result.threat_id".
- Mapped "alert.explanation.malware_detected.malware.name" to "security_result.threat_name".
- Mapped "email.source_country" to "principal.location.country_or_region".
- Mapped "alert.action" to "security_result.action".