Add new field to docs and update changelog

Author: chemamartinez

packages/cisco_secure_email_gateway/changelog.yml

@@ -7,6 +7,9 @@
  - description: Fix handling of AMP logs when filenames contain a comma.
  type: bugfix
  link: https://github.com/elastic/integrations/pull/8932
+ - description: Parse fields 'Analysis Source' and 'verdict_source' from AMP logs.
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/8932
 - version: "1.21.0"
  changes:
  - description: Handle and record log host origin filepaths.

packages/cisco_secure_email_gateway/data_stream/log/fields/fields.yml

@@ -187,7 +187,7 @@
  description: Dropped Messages.
  - name: email_participants
  type: keyword
- description: All the participants in the email. 
+ description: All the participants in the email.
  - name: email
  type: keyword
  - name: email_tracker_header

packages/cisco_secure_email_gateway/docs/README.md

@@ -532,7 +532,8 @@ An example event for `log` looks as following:
 | cisco_secure_email_gateway.log.upload.priority | Upload priority values are: High - For all selected file types, except PDF file type. Low - For only PDF file types. | keyword |
 | cisco_secure_email_gateway.log.vendor_action | | keyword |
 | cisco_secure_email_gateway.log.verdict | The file retrospective verdict value is malicious or clean. | keyword |
-| cisco_secure_email_gateway.log.verdict_scale | Verdict is negative or postive. | keyword |
+| cisco_secure_email_gateway.log.verdict_scale | Verdict is negative or positive. | keyword |
+| cisco_secure_email_gateway.log.verdict_source | Verdict source. | keyword |
 | cisco_secure_email_gateway.log.verified | | keyword |
 | cisco_secure_email_gateway.log.work_queue | This is the number of messages currently in the work queue. | long |
 | cisco_secure_email_gateway.log.zone | | keyword |