Find out the type of information you want to query in logs.
The following table explains the available log types when conducting a
search on log data. Every log type includes log facets for granular analysis of log
data.
For details, see Log facets.
Log Type Descriptions

| Log Type | Description |
|---|---|
| Detection logs | Information about email messages, chat messages, and files detected with threats or data leakage, as well as information about files and URLs submitted to Virtual Analyzer for threat analysis in a virtual sandbox. This log type consolidates the following log types in the old management console: Security Risk Scan, Ransomware, Virtual Analyzer, and Data Loss Prevention. |
| Quarantine logs | Information about email messages and files quarantined due to threats or policy violations. |
| URL click tracking logs | Information about user clicks on URLs in incoming email messages and the actions taken for the clicked URLs. |
| Email tracking logs | Information about how Exchange Online or Gmail email messages are routed to Cloud App Security for Inline Protection, including where Cloud App Security gets the message from and where it sends the message back to. |
| API integration logs | Information about the action taken on an email message matching any item in the Blocked Lists for Exchange Online configured through the Threat Remediation API. |
| Audit logs | Information about user log-on sessions, policy change events, quarantine management operations, and other management events. |