Change log for FORCEPOINT_WEBPROXY

Date Changes
2024-10-18 Enhancement:
- Added support to parse the unparsed CSV logs.
- Added support to drop invalid CSV logs.
- Mapped "host-url" to "principal.url".
2024-07-10 Enhancement:
- Added the Grok patterns for new KV format logs.
- Mapped "username" to "principal.user.userid".
- Mapped "cs-uri" to "target.url".
- Mapped "cs-uri-query" , "time-taken" , "filter-category" , "cs-uri-path" , "cs-uri-extension" and "rs_content_type" to "additional.fields".
- If "sc-filter-result" is "OBSERVED" then set "security_result.action" to "ALLOW" , else if "sc-filter-result" is "DENIED" then set "security_result.action" to "BLOCK" , else set "security_result.action" to "ALLOW".
- Mapped "cs-auth-group" to "principal.user_group_identifiers".
- Mapped "cs-method" to "network.http.method".
- Mapped "sc-status" to "response_code".
- Mapped "s-action" to "security_result.detection_fields".
- Mapped "srcport" to "principal.port".
- Mapped "dstport" to "target.port".
- Mapped "sc-bytes" to "network.received_bytes".
- Mapped "cs-bytes" to "network.sent_bytes".
- Mapped "cs" to "security_result.summary".
- Mapped "cs_referer" to "network.http.referral_url".
- Mapped "cs-host" to "target.hostname".
2024-06-10 Enhancement:
- Added support for CSV format logs.
2023-06-12 Enhancement:
- Modified Grok pattern to parse failing logs in which some of the values are present as '-'.
- Added condition check for field 'http_response' before mapping.
2022-08-11 Enhancement:
- Modified grok to parse CEF type logs with no syslog header.
2022-05-16 Enhancement: mapped category number to security_result.detection_fields.
2022-05-05 Enhancement:
dded mapping for fields:
requestClientApplication to http.user_agent.
proxyStatus-code to http.response_code.
disposition and cn1 to security_result.detection_fields.
Mapped 'cs2' field to 'security_result.category_details' if the value of 'cs2Label' is 'DynCat'.
Mapped 'cs2' field to 'security_result.detection_fields' if the value of 'cs2Label' is 'NatRuleId'.