Change log for NETSKOPE_WEBPROXY

Date Changes
2024-06-21 Enhancement:
- Added Grok to support a new log format.
2024-06-04 Enhancement:
- Added Grok to handle unparsed logs.
- Mapped "url" to "target.url".
- Mapped "appSessionId" to "network.session_id".
- Mapped "page" to "network.http.referral_url".
- Mapped "appcategory" to "security_result.category_details".
- Mapped "clientBytes" to "network.sent_bytes".
- Mapped "serverBytes" to "network.received_bytes".
- Mapped "ccl" to "security_result.confidence_details".
- Mapped "IncidentID", "applicationType", "browser", and "cci" to "security_result.detection_fields".
2024-04-22 Enhancement:
- Mapped "x-cs-app-ccl","x-cs-app-instance-id","x-cs-app-tags" ,"x-cs-app-instance-name" ,"x-cs-app-instance-tag", "x-cs-app-to-user","x-cs-app-object-id" and "x-cs-app-from-user" to "additional.fields".
2024-02-26 Enhancement:
- Changed mapping of "cs-bytes" from "network.received_bytes" to "network.sent_bytes".
- Changed mapping of "sc-bytes" from "network.sent_bytes" to "network.received_bytes".
- Mapped "x-cs-app-object-name" to "additional.fields".
- Mapped "x-cs-app-from-user" to "principal.user.email_addresses".
2023-12-22 Enhancement:
- If "cs-dns" value is "null", changed "cs-host" mapping from "principal.hostname" to "target.hostname".
- Changed "cs-dns" mapping from "principal.hostname" to "target.hostname".
- If "sc-status" value is "null", mapped "rs-status" to "network.http.response_code".
- Mapped "x-cs-app" to "principal.application".
- Mapped "x-cs-src-ip-egress" to "principal.ip".
2023-12-08 Enhancement:
- Added on_error check to parse the failing logs.
- Set "metadata.vendor_name" to "Netskope" and "metadata.product_name" to "Netskope Webproxy".
- Added conditional check for "src_region", "src_country", "src_location", "dst_region", "dst_country", "dst_location" before mapping.
2023-10-09 Enhancement:
- Mapped "dvchost" to "target.hostname" if "target.hostname" is not present.
- Added a null check prior mapping "requestClientApplication".
2023-09-12 Enhancement:
- Mapped "x-cs-dst-ip" to "target.ip".
- Mapped "x-cs-src-ip" to "principal.ip".
- Mapped "x-cs-src-port" to "principal.port".
- Mapped "x-cs-dst-port" to "target.port".
- Added on_error check for date filter.
- Added conditional checks before mapping "metadata.event_type".
2023-08-28 Enhancement:
- Mapped "cs-uri" to "additional.fields".
- Mapped "cs-uri-port" to "additional.fields".
- Mapped "x-s-zipcode" to "additional.fields".
- Mapped "x-c-zipcode" to "additional.fields".
- Mapped "x-cs-site" to "additional.fields".
- Mapped "x-category" to "additional.fields".
- Mapped "x-sr-ssl-version" to "security_result.detection_fields".
- Mapped "x-sr-ssl-cipher" to "security_result.detection_fields".
- Mapped "x-cs-src-ip-egress" to "security_result.detection_fields".
- Mapped "x-cs-userip" to "security_result.detection_fields".
- Mapped "x-cs-url" to "target.url".
- Mapped "x-cs-uri-path" to "additional.fields".
- Mapped "x-cs-app-cci" to "additional.fields".
- Mapped "x-cs-app-object-type" to "additional.fields".
- Mapped "x-rs-file-type" to "additional.fields".
- Mapped "x-rs-file-category" to "additional.fields".
2023-08-17 Enhancement:
- Added support for new JSON type log format.
2023-06-22 Enhancement:
- Added support for new SYSLOG+JSON type log format.
2023-05-30 Enhancement:
- Mapped "duser" to "target.user.email_addresses".
- Mapped "requestClientApplication" to "network.http.parsed_user_agent".
2023-02-03 Enhancement:
- Mapped "Domain" to "principal.administrative_domain".
2023-01-09 Enhancement:
- Added conditional checks for mapping different event_type based on required parameters present.
- Parsed different formats of "rt".
2022-04-06 Enhancement-Added mappings for new fields
md5, mwDetectionEngine, mwProfile, mwType mapped to udm.