Change log for TRENDMICRO_APEX_CENTRAL

Date Changes
2024-12-04 Enhancement:
- When "cn2Label" is "Second_Action" and "cn2" is "1" then mapped "var_cn2_label.value" to "N/A".
- When "cn2Label" is "Second_Action" and "cn2" is "0" then mapped "var_cn2_label.value" to "Unknown".
- When "cn2Label" is "Second_Action" and "cn2" is "2" then mapped "var_cn2_label.value" to "Clean".
- When "cn2Label" is "Second_Action" and "cn2" is "3" then mapped "var_cn2_label.value" to "Delete".
- When "cn2Label" is "Second_Action" and "cn2" is "4" then mapped "var_cn2_label.value" to "Move".
- When "cn2Label" is "Second_Action" and "cn2" is "5" then mapped "var_cn2_label.value" to "Rename".
- When "cn2Label" is "Second_Action" and "cn2" is "6" then mapped "var_cn2_label.value" to "Pass/Log".
- When "cn2Label" is "Second_Action" and "cn2" is "7" then mapped "var_cn2_label.value" to "Strip".
- When "cn2Label" is "Second_Action" and "cn2" is "8" then mapped "var_cn2_label.value" to "Drop".
- When "cn2Label" is "Second_Action" and "cn2" is "9" then mapped "var_cn2_label.value" to "Quarantine".
2024-09-23 - Changed the `fileHash` field to lowercase.
- Mapped "dntdom" to "target.administrative_domain".
- Mapped "event_name" to "security_result.threat_name".
- Mapped "dhost" to "principal.hostname".
- Mapped "filePath" to "target.file.full_path".
- Mapped "duser" to "target.user.userid".
- Mapped "cs3" to "metadata.product_version".
- Mapped "cs6" to "additional.fields".
- Mapped "product_version" to "additional.fields".
- Mapped "cat" to "additional.fields".
- Mapped "msg" to "additional.fields".
- Mapped "TMCMLogDetectedIP" to "additional.fields".
- Mapped "dvchost" to "additional.fields".
- Mapped "cnt" to "security_result.verdict_info.malicious_count".
- Mapped "cs4" to "security_result.category_details".
2024-09-23 - Changed the `fileHash` field to lowercase.
- Mapped "dntdom" to "target.administrative_domain".
- Mapped "event_name" to "security_result.threat_name".
- Mapped "dhost" to "principal.hostname".
- Mapped "filePath" to "target.file.full_path".
- Mapped "duser" to "target.user.userid".
- Mapped "cs3" to "metadata.product_version".
- Mapped "cs6" to "additional.fields".
- Mapped "product_version" to "additional.fields".
- Mapped "cat" to "additional.fields".
- Mapped "msg" to "additional.fields".
- Mapped "TMCMLogDetectedIP" to "additional.fields".
- Mapped "dvchost" to "additional.fields".
- Mapped "cnt" to "security_result.verdict_info.malicious_count".
- Mapped "cs4" to "security_result.category_details".
2024-08-12 - When "dvchost" is available, then mapped "metadata.event_type" to "STATUS_UPDATE".
2024-04-24 - Added support for new event type "Endpoint Application Control"
2024-04-03 - Added new attributes and support for customer specific new log format (CEF).