Merge pull request #12742 from Security-Onion-Solutions/dougburks-patch-1

FEATURE: Add Events table columns for event.module kratos #12740

salt/soc/defaults.yaml

@@ -87,12 +87,13 @@ soc:
         - log.id.uid
         - network.community_id
         - event.dataset
-      ':kratos:audit':
+      ':kratos:':
         - soc_timestamp
         - http_request.headers.x-real-ip
         - identity_id
         - http_request.headers.user-agent
         - event.dataset
+        - msg
       '::conn':
         - soc_timestamp
         - source.ip