Change log for OFFICE_365

Date	Changes
2024-03-13	- Added support for 'GetRefreshablesForCapacityAsAdmin' new operations. - Added support for 'AppRole.Value' field from 'ModifiedProperties'. - Added mapping of 'SensitivityLabelEventData.JustificationText' field to 'security_result.detection_fields' UDM field. - Added mapping of 'UrlClickAction' field to 'security_result.detection_fields' UDM field.
2024-02-28	- Added support for new operations.
2024-02-14	- Added support for 'QuarantineApproveReleaseMessage', 'QuarantineDenyReleaseMessage', 'FileSensitivityLabelApplied', 'Update policy.', 'SharingLinkUsed', 'AddedToSharingLink', 'Authorize', 'SharingLinkUpdated', 'SubTaskUpdated', 'TaskRead', and 'SubTaskCreated' new operations.
2024-01-31	- Added support for 'SharingLinkCreated', 'TimesheetSaved', 'ResourceCheckedOut', 'GetGroupUsers', 'SensitivityLabelUpdated', 'ListItemRecycled' and 'TimesheetAccessed' operations.
2024-01-17	- Added support for 'SensitivityLabelApplied' operation.
2024-01-03	- Added support for 'Add-MailboxLocation' and 'Release-QuarantineMessage' operations.
2023-11-29	- Added support for 'Set-DlpCompliancePolicy' and 'Remove-DlpCompliancePolicy' operations. - Added additional mapping of 'RequestType' field from 'ExtendedProperties' to 'about.labels' in 'UserLoggedIn' and 'UserLoginFailed' operations. - Aligned 'principal/target.hostname' and 'principal/target.asset.hostname' mapping. - Added support for additional fields for "noun.labels".
2023-11-01	- Added support for 'QuarantineReleaseMessage', 'WorkspaceStatusReceived','LinkedEntityUpdated', 'ViewResponse', 'O365SyncAdminUserPromotion', 'FileCopiedToClipboard', and 'FileTranscriptContentAccessed' operations.
2023-10-18	- Added support for 'TaskModified' and 'DeleteTile' operations.
2023-10-04	- Added support for 'SensitivityLabeledFileOpened','SensitivityLabeledFileRenamed' and 'Validate' operations. - Added support for 'Modified Properties' fields in the 'Update user' operation.
2023-09-20	- Added support for 'PutConnection','PutConnectionPermission' 'AdminSubmissionTablAllow', 'Add contact.' and 'WorkspacePortalUrlReceived' operations.
2023-09-06	- Added mapping of 'ObjectId' for 'Add-MailboxPermission' Operation.
2023-08-23	- Added support for 'TaskListRead' operation.
2023-08-09	- Added support for 'GetWorkspaces', 'TeamsUserSignedOut' and 'ConnectFromExternalApplication' operation.
2023-07-26	- Added support for "SensitiveInfoTypeData" fields in DLP logs. - Updated mapping of 'metadata.event_type' for 'UserLoginFailed' operation.
2023-06-28	- Updated mapping of "metadata.event_type" for 'UserLoggedIn' operation.
2023-06-14	- Added support for 'ListViewUpdated' operation. - Updated the parser to include "parse_network_http_user_agent" to use "Parsed User Agent" and "User Agent".
2023-05-31	- Added support for 'FileUploadedToCloud', 'GenerateDataflowSasToken', 'GenerateScreenshot', 'MDCAssessments', 'RemovableMediaMount', 'SignInEvent', 'ApprovedRequest', 'CreateForm', 'ListForms', 'MDCRegulatoryComplianceAssessments', 'PreviewForm', 'ViewedApprovalRequest', 'ListCreated' and 'SiteColumnCreated' operations. - Added mapping for the recipient of the email for TIMailData.
2023-05-02	- Added mapping of attachment data for operation 'TIMailData'. - Added mapping of 'Result Status' log field for operation 'SoftDelete'. - Updated mapping of event type of 'Update Service Principal'. - Added mapping of 'Result Status' with 'security_result.action' for all operations. - Added mapping of 'ErrorNumber' log field for operations 'UserLoggedIn' and 'UserLoginFailed'. - Added support for 'New-DlpCompliancePolicy', 'New-DlpComplianceRule', 'Get-InsiderRiskPolicy', 'Enable Strong Authentication.', 'ReactedToMessage', 'RemovableMediaUnmount' and 'Set-HostedContentFilterPolicy' operations.
2023-04-12	- Added mapping of fields present in the 'Data' field for operations 'AirInvestigation', 'AlertUpdated', 'AlertEntityGenerated', 'AlertTriggered'. - Added support for operation 'DeleteDatasetRows'. - Added mapping of 'ApplicationId' log field and updated mapping for the 'ApplicationDisplayName', 'appId' and 'RequestType' log fields.
2023-03-29	- Added support for IPv6 dual address. - Added support for operation 'LaunchPowerApp'.
2023-03-15	- Added mapping of 'Role.TemplateId' field for operation 'Add member to role.'. - Updated mapping of 'Role.DisplayName' field for operation 'Add member to role.'.
2023-03-01	- Added support for operation 'FileSensitivityLabelChanged'. - Added support for operation 'FileRead'. - Added support for operation 'MessageReadReceiptReceived'. - Added support for operation 'Search'. - Added support for operation 'TaskDeleted'. - Added support for operation 'TaskUpdated'. - Added support for operation 'TaskCreation'. - Added regular expression for 'email` field for operation 'AirInvestigationData'. - Added size validation for `principal.user.userid` and `target.user.userid`. - Modified validations for setting `metadata.event_type`. - Removed unwanted invalid JSON format logs.
2023-02-01	- Added support for operation 'SecurityGroupModified'. - Added mapping of principal.user.userid and target.user.userid.
2023-01-18	- Added mapping for field "Is Hard Deleted" and mapped it with security_result.detection_fields.key/value. - Added mapping for field "GivenName" and mapped it with target.user.attribute.labels.key/value. - Added mapping for field "RequiredResourceAccess" and mapped it with target.resource.attribute.labels.key/value. - Added mapping for field "DelegatedPermissionGrant.Scope" and mapped it with target.resource.attribute.labels.key/value.
2023-01-11	- Removed gsub filter to remove leading zeros. - Added validation logic to check if IP is valid or not. - Handled the ObjectId field to remove unnecessary angular brackets. - Added support for RecipientCount, Sent, SensitiveInformationDetailedClassificationAttributes.Confidence, SensitiveInformationDetailedClassificationAttributes.Count, SensitiveInfoTypeData.Confidence, SensitiveInfoTypeData.Count fields.
2023-01-04	Promoting parser to default.