Change log for SYMANTEC_VIP_AUTHHUB

Date Changes
2024-06-04 Enhancement:
- Mapped "client" to "principal.ip" and "principal.asset.ip".
- Mapped "referrer" to "network.http.referral_url".
- Mapped "server" to "target.hostname" and "target.asset.hostname".
- Mapped "method" to "network.http.method".
- Mapped "httpReferrer" to "network.http.referral_url".
- Mapped "bytes_sent" to "network.sent_bytes".
- Mapped "status" to "network.http.response_code".
- Mapped "path" to "principal.file.full_path".
- Mapped "protocol" to "network.application_protocol".
- Mapped "userIP" to "principal.ip", "principal.asset.ip", "target.ip", "target.asset.ip", "intermediary.ip", "intermediary.asset.ip".
- Mapped "level" to "security_result.severity".
- Mapped "principalId" to "principal.user.userid".
- Mapped "kubernetes.host" to "principal.hostname" and "principal.asset.hostname".
- Mapped "relVersion" to "metadata.product_version".
- Mapped "thread" to "additional.fields".
- Mapped "service" to "additional.fields".
- Mapped "sub" to "additional.fields".
- Mapped "subType" to "additional.fields".
- Mapped "tid" to "additional.fields".
- Mapped "tname" to "additional.fields".
- Mapped "userDN" to "additional.fields".
- Mapped "userGuid" to "additional.fields".
- Mapped "userIdpGuid" to "additional.fields".
- Mapped "userRiskLevel" to "additional.fields".
- Mapped "userUniversalId" to "additional.fields".
- Mapped "userRiskScore" to "additional.fields".
- Mapped "userIp" to "principal.ip" and "principal.asset.ip".
- Mapped "__isAuditIdLcmIdStore" to "additional.fields".
- Mapped "principalType" to "additional.fields".
- Mapped "clientTid" to "additional.fields".
- Mapped "identitySourceId" to "additional.fields".
- Mapped "stream" to "additional.fields".
- Mapped "logtag" to "additional.fields".
- Mapped "type" to "additional.fields".
- Mapped "remoteAddr" to "additional.fields".
- Mapped "remoteUser" to "additional.fields".
- Mapped "requestTime" to "additional.fields".
- Mapped "vhost" to "additional.fields".
- Mapped "contentType" to "additional.fields".
- Mapped "requestId" to "additional.fields".
- Mapped "clientTxnId" to "additional.fields".
- Mapped "txnId" to "additional.fields".
- Mapped "issuerUrl" to "target.url".
- Mapped "kubernetes.labels.app.kubernetes.io_component" to "target.resource.attribute.labels".
- Mapped "kubernetes.labels.app.kubernetes.io_instance" to "target.resource.attribute.labels".
- Mapped "kubernetes.labels.app.kubernetes.io_name" to "target.resource.attribute.labels".
- Mapped "kubernetes.labels.app.kubernetes.io_managed-by" to "target.resource.attribute.labels".
- Mapped "kubernetes.labels.app.kubernetes.io_part-of" to "target.resource.attribute.labels".
- Mapped "kubernetes.labels.app.kubernetes.io_version" to "target.resource.attribute.labels".
- Mapped "kubernetes.labels.helm.sh_chart" to "target.resource.attribute.labels".
- Mapped "kubernetes.labels.helmChartName" to "target.resource.attribute.labels".
- Mapped "kubernetes.labels.imageTag" to "target.resource.attribute.labels".
- Mapped "kubernetes.labels.pod-template-hash" to "target.resource.attribute.labels".
- Mapped "kubernetes.annotations.cni.projectcalico.org_podIP" to "target.resource.attribute.labels".
- Mapped "kubernetes.annotations.cni.projectcalico.org_podIPs" to "target.resource.attribute.labels".
- Mapped "reqLength" to "additional.fields".
- Set "metadata.event_type" to "NETWORK_CONNECTION" when "has_principal" and "has_target" are true.
2024-05-09 New:
- Newly created parser.