Change log for ONELOGIN_SSO

Date Changes
2024-05-27 Enhancement:
- Added "gsub" to parse dropped logs.
- Mapped "user_attributes.lastname" to "principal.user.last_name".
- Mapped "user_attributes.firstname" to "principal.user.first_name".
- Mapped "user_attributes.department" to "principal.user.department".
- Mapped "user_attributes.title" to "principal.user.title".
- Mapped "user_attributes.email" to "principal.user.email_addresses".
2024-05-21 Enhancement:
- Mapped "created_at" to "metadata.event_timestamp".
- When "principal.user.userid" is not present for event 334, then mapped "metadata.event_type" to "USER_RESOURCE_ACCESS".
2023-04-28 Enhancement - mapped the following raw logs elements to UDM elements:
- Removed characters from log if it contains ""\", "\\n" or "\\" to correct the JSON log.
- Supported different format for datetime match.
- Mapped "id" to "metadata.product_object_id".
- Mapped "account_id" to "additional.fields".
- Mapped "assuming_acting_user_id" to "additional.fields".
- Mapped "otp_device_id" to "additional.fields".
- Mapped "directory_sync_run_id" to "additional.fields".
- Mapped "resource_type_id" to "additional.fields".
- Mapped "user_agent" to "network.http.parsed_user_agent".
- Mapped "otp_device_id" to "principal.asset_id".
- Mapped "actor_system" to "additional.fields".
- Mapped "operation_name" to "additional.fields".
- Mapped "resolution" to "additional.fields".
- Mapped "client_id" to "additional.fields".
- Mapped "risk_cookie_id" to "additional.fields".
- Mapped "browser_fingerprint" to "additional.fields".
- Mapped "event_type_ids" to "additional.fields".
- Mapped "since" to "additional.fields".
- Mapped "until" to "additional.fields".
- Mapped "proxy_ip" to "intermediary.ip".
- Mapped "error_description" to "additional.fields".
2022-05-18 Enhancement - map following raw logs elements to UDM elements:
- actor_user_id to event.idm.read_only_udm.principal.user.product_object_id
- user_id to event.idm.read_only_udm.target.user.product_object_id
2022-03-23 Enhancement-map following raw logs elements to UDM elements
- user_agent to event.idm.read_only_udm.network.http.user_agent.
- uuid to event.idm.read_only_udm.metadata.product_log_id.
- group_id to event.idm.read_only_udm.target.group.product_object_id.
- group_name to event.idm.read_only_udm.target.group.group_display_name.
- policy_type to security_result.rule_type.
- policy_id to security_result.rule_id.
- policy_name to security_result.rule_name.
- authentication_factor_type to event.idm.read_only_udm.extensions.auth.auth_details.
- risk_reasons to security_result.description.
- risk_score to security_result.severity_details.
Logic enhancements for the following app_id, app_name, directory_id, directory_name, privilege_id, privilege_name, role_name, role_id.