Change log for FIREEYE_ETP
Date | Changes |
---|---|
2024-08-14 | Enhancement:
- Added a Grok pattern for a new JSON log format.
- Mapped "type", "InternalId", "attributes.acceptedDateTime", "attributes.lastModifiedDateTime", "attributes.senderSMTP", "attributes.status", and "attributes.urlDomains" to "additional.fields".
- Mapped "attributes.countryCode" to "principal.location.country_or_region".
- Mapped "attributes.senderIP" to "principal.ip".
- Mapped "attributes.recipientSMTP" to "network.email.to".
- Mapped "attributes.senderHeader" to "network.email.from".
- Mapped "attributes.subject" to "network.email.subject".
- Mapped "attributes.domain" to "network.dns_domain". |
2024-08-08 | Enhancement:
- Added a new Grok pattern to parse unparsed SYSLOG logs. |
2024-03-07 | Enhancement:
- Mapped "alert.attributes.alert.malware_md5" to "about.file.md5". |
2024-01-30 | Enhancement:
- Added support for a new JSON log format.
- Mapped "id", "alert.explanation.analysis", "alert.explanation.malware_os_analysis", "email.dod_report_id", and "email.status" to "security_result.detection_fields".
- Mapped "alert.malware_md5" to "about.file.md5".
- Mapped "alert.sha256" to "about.file.sha256".
- Mapped "email.attachment" to "about.file.full_path"; when "email.attachment" is a valid URL, mapped it to "about.url" instead.
- Mapped "alert.severity" to "security_result.severity".
- Mapped "email.smtp.mail_from" to "network.email.from".
- Mapped "email.smtp.recipients" to "network.email.to".
- Mapped "email.headers.subject" to "network.email.subject".
- Mapped "email.source_ip" to "principal.ip" and "principal.asset_ip".
- Mapped "alert.explanation.malware_detected.malware.threat_type" to "security_result.category".
- Mapped "alert.explanation.malware_detected.malware.trace_iden" to "security_result.threat_id".
- Mapped "alert.explanation.malware_detected.malware.name" to "security_result.threat_name".
- Mapped "email.source_country" to "principal.location.country_or_region".
- Mapped "alert.action" to "security_result.action". |