Added support for JSON formatted logs with timestamps in ts and occurredAt fields

Added support for IDS Alert events with pass-through detections

Added support for File Scanned events

Added support for BGP, DHCP, VPN, and wireless association events

Updated ECS version to 9.0.0

Added support for BSD syslog format with MMM dd HH:mm:ss timestamp format

Added support for ip_flow_start and ip_flow_end events

Added new field mappings for network flow events

Updated ECS version to 8.17.0

Added support for content filtering block events

Added new field mappings for content filtering events

Adds support for l7_firewall events

Utilizes array:append() function for array declarations

Adds event.kind field to comply with CPS requirements

Removed indicator type from configuration category to comply with ECS

Removes the references to the lookup file from the parser

Bumps the ecs.version to 8.16.0

Adds the event.outcome field

Bumps the minimum LogScale version to 1.142 to support assertions in yaml files

Bug fix: updates the mapping for destination.port , source.port fields

Normalizing the mac addresses to keep the notation from RFC 7042

Adds new event.module , event.dataset and Cps.version fields

Removes the Product field

Sets following tags: Cps.version , Vendor , ecs.version , event.dataset , event.kind , event.module , event.outcome , observer.type

Rename url.host to url.domain field

Bumps ECS version to 8.11.0

Adds support for ip_flow_end and ip_flow_start events

Syslog headers are now mapped to log.syslog.* fields