Change log for H3C_SWITCH
| Date | Changes |
|---|---|
| 2025-10-17 | Enhancement:<br>- `event.idm.read_only_udm.metadata.product_event_type`: Newly mapped `product_event_type` raw log field(s) with `event.idm.read_only_udm.metadata.product_event_type` UDM field.<br>- `event.idm.read_only_udm.principal.ip`: Newly mapped `src_ip` raw log field(s) with `event.idm.read_only_udm.principal.ip` UDM field.<br>- `event.idm.read_only_udm.principal.asset.ip`: Newly mapped `src_ip` raw log field(s) with `event.idm.read_only_udm.principal.asset.ip` UDM field.<br>- `event.idm.read_only_udm.target.ip`: Newly mapped `dest_ip` raw log field(s) with `event.idm.read_only_udm.target.ip` UDM field.<br>- `event.idm.read_only_udm.target.asset.ip`: Newly mapped `dest_ip` raw log field(s) with `event.idm.read_only_udm.target.asset.ip` UDM field.<br>- `event.idm.read_only_udm.additional.fields`: Newly mapped `interface`, `ld_rd`, `status`, `diag`, `sess_type`, `link_type` raw log field(s) with `event.idm.read_only_udm.additional.fields` UDM field.<br>- `event.idm.read_only_udm.metadata.event_type`: If `desc` contains "logged out" or "failed" and `has_target_user` is not "true", updated to `GENERIC_EVENT`.<br>- `event.idm.read_only_udm.metadata.vendor_name`: Changed static value from "H3C Switch" to "HPE".<br>- `event.idm.read_only_udm.metadata.product_name`: Changed static value from "H3C Switch" to "Switch".<br>- Updated conditional logic for `tar_user` to add a regex-based length validation. |
| 2025-06-05 | Enhancement:<br>- Added new Grok patterns to parse a new pattern of SYSLOG logs.<br>- `event.idm.read_only_udm.principal.hostname`: Removed mapping `hostname` raw log field with `event.idm.read_only_udm.principal.hostname` UDM field.<br>- `event.idm.read_only_udm.intermediary.hostname`: Newly mapped `hostname` raw log field with `event.idm.read_only_udm.intermediary.hostname` UDM field.<br>- `event.idm.read_only_udm.intermediary.asset.hostname`: Newly mapped `hostname` raw log field with `event.idm.read_only_udm.intermediary.asset.hostname` UDM field.<br>- `event.idm.read_only_udm.metadata.event_timestamp`: Newly mapped `timestamp` raw log field with `event.idm.read_only_udm.metadata.event_timestamp` UDM field.<br>- `event.idm.read_only_udm.metadata.intermediary.ip`: Newly mapped `inter_ip` raw log field with `event.idm.read_only_udm.metadata.intermediary.ip` UDM field.<br>- `event.idm.read_only_udm.metadata.intermediary.asset.ip`: Newly mapped `inter_ip` raw log field with `event.idm.read_only_udm.metadata.intermediary.asset.ip` UDM field.<br>- `event.idm.read_only_udm.additional.fields`: Newly mapped `Line`, `OperateType`, `OperateTime`, `OperateState`, `OperateEndTime`, `EventIndex`, `CommandSource`, `ConfigSource`, `ConfigDestination` raw log field with `event.idm.read_only_udm.additional.fields` UDM field.<br>- `event.idm.read_only_udm.principal.ip`: Newly mapped `IPAddr` raw log field with `event.idm.read_only_udm.principal.ip` UDM field.<br>- `event.idm.read_only_udm.principal.asset.ip`: Newly mapped `IPAddr` raw log field with `event.idm.read_only_udm.principal.asset.ip` UDM field.<br>- `event.idm.read_only_udm.principal.user.userid`: Newly mapped `User` raw log field with `event.idm.read_only_udm.principal.user.userid` UDM field.<br>- `event.idm.read_only_udm.principal.ip`: Newly mapped `prin_ip` raw log field with `event.idm.read_only_udm.principal.ip` UDM field.<br>- `event.idm.read_only_udm.principal.asset.ip`: Newly mapped `prin_ip` raw log field with `event.idm.read_only_udm.principal.asset.ip` UDM field.<br>- `event.idm.read_only_udm.principal.port`: Newly mapped `prin_port` raw log field with `event.idm.read_only_udm.principal.port` UDM field.<br>- `event.idm.read_only_udm.target.ip`: Newly mapped `tar_ip` raw log field with `event.idm.read_only_udm.target.ip` UDM field.<br>- `event.idm.read_only_udm.target.asset.ip`: Newly mapped `tar_ip` raw log field with `event.idm.read_only_udm.target.asset.ip` UDM field.<br>- `event.idm.read_only_udm.target.hostname`: Newly mapped `tar_host` raw log field with `event.idm.read_only_udm.target.hostname` UDM field.<br>- `event.idm.read_only_udm.target.port`: Newly mapped `tar_port` raw log field with `event.idm.read_only_udm.target.port` UDM field.<br>- `event.idm.read_only_udm.target.user.userid`: Newly mapped `tar_user` raw log field with `event.idm.read_only_udm.target.user.userid` UDM field.<br>- `event.idm.read_only_udm.principal.user.userid`: Newly mapped `user` raw log field with `event.idm.read_only_udm.principal.user.userid` UDM field.<br>- `event.idm.read_only_udm.metadata.event_type`:<br>- Set `event.idm.read_only_udm.metadata.event_type` to `USER_LOGIN` if `has_target_user` is `true` and `logged in` is present in `desc`.<br>- Set `event.idm.read_only_udm.metadata.event_type` to `USER_LOGOUT` if `has_target_user` is `true` and `logged out` is present in `desc`.<br>- Set `event.idm.read_only_udm.metadata.event_type` to `NETWORK_CONNECTION` if `has_target` is `true` and `has_principal` is `true`.<br>- Set `event.idm.read_only_udm.metadata.event_type` to `USER_UNCATEGORIZED` if `has_target_user` is `true` and `has_principal_user` is `true`.<br>- Set `event.idm.read_only_udm.metadata.event_type` to `STATUS_UPDATE` if `has_principal` is `true`. |
| 2025-02-24 | - Newly created parser. |