Change log for DELL_EMC_DATA_DOMAIN

Date	Changes
2026-02-12	Enhancement: - `event.idm.read_only_udm.metadata.product_name`: Modified the value of `event.idm.read_only_udm.metadata.product_name` from `DELL_EMC_DATA_DOMAIN` to `PowerProtect Data Domain`. - `event.idm.read_only_udm.principal.hostname`: Removed mapping of `host` raw log field from `event.idm.read_only_udm.principal.hostname` UDM field if it matches an IP address pattern to map it to `event.idm.read_only_udm.principal.ip`. - `event.idm.read_only_udm.principal.ip`: Newly mapped `host` raw log field with `event.idm.read_only_udm.principal.ip` UDM field. - `event.idm.read_only_udm.principal.asset.hostname`: Removed mapping of `host` raw log field from `event.idm.read_only_udm.principal.asset.hostname` UDM field if it matches an IP address pattern to map it to `event.idm.read_only_udm.principal.asset.ip`. - `event.idm.read_only_udm.principal.asset.ip`: Newly mapped `host` raw log field with `event.idm.read_only_udm.principal.asset.ip` UDM field. - Introduced new grok patterns that extract `time`, `inter_host`, `app`, `pid`, `msg1`, `kv_data`, `id`, `reason`, `cmd`, `kernel_error`, `kernel_timestamp` raw fields. - `event.idm.read_only_udm.intermediary.hostname`: Newly mapped `inter_host` raw log field with `event.idm.read_only_udm.intermediary.hostname` UDM field. - `event.idm.read_only_udm.metadata.event_timestamp`: The `time` raw log field is now parsed and used to update the event's primary timestamp. - `event.idm.read_only_udm.security_result.description`: Newly mapped `msg` raw log field with `event.idm.read_only_udm.security_result.description` UDM field. - `event.idm.read_only_udm.additional.fields`: Newly mapped `kernel_timestamp`, `kernel_error` raw log fields with 'event.idm.read_only_udm.additional.fields' UDM field.
2024-09-20	Enhancement: - Added support to handle unparsed logs.
2022-07-08	Enhancement: - Modified mapping for "role" from "principal.user.role_name" to "principal.user.attribute.roles".
2022-04-27	New Default parser