Added support for ip_flow_start and ip_flow_end events

Added new field mappings for network flow events

Updated ECS version to 8.17.0

Added support for content filtering block events

Added new field mappings for content filtering events

Adds support for l7_firewall events

Utilizes array:append() function for array declarations

Adds event.kind field to comply with CPS requirements

Removed indicator type from configuration category to comply with ECS

Removes the references to the lookup file from the parser

Bumps the ecs.version to 8.16.0

Adds the event.outcome field

Bumps the minimum LogScale version to 1.142 to support assertions in yaml files

Bug fix: updates the mapping for destination.port, source.port fields

Normalizing the mac addresses to keep the notation from RFC 7042

Adds new event.module, event.dataset and Cps.version fields

Removes the Product field

Sets following tags: Cps.version, Vendor, ecs.version, event.dataset, event.kind, event.module, event.outcome, observer.type

Rename url.host to url.domain field

Bumps ECS version to 8.11.0

Adds support for ip_flow_end and ip_flow_start events

Syslog headers are now mapped to log.syslog.* fields