Deep Discovery Email Inspector supports the following events.
Syslog events
| Event | Description |
|---|---|
| Detection Logs: Email Detection Logs | Email detection logs from Deep Discovery Email Inspector. These logs contain information related to the detected email messages (such as sender, recipients, subject, and message ID). |
| Detection Logs: Attachment Detection Logs | Attachment detection logs from Deep Discovery Email Inspector. These logs contain information related to the detected attachments (such as file name, file size, and file type). |
| Detection Logs: URL Detection Logs | URL detection logs from Deep Discovery Email Inspector. These logs contain the URLs detected and potential threats. |
| Alert Logs | Alert logs from Deep Discovery Email Inspector. These logs contain information related to the alerts (such as alert name and alert notification content). |
| Virtual Analyzer Analysis Logs: File Analysis Events | File analysis events from Virtual Analyzer. These logs contain information related to the analyzed files (such as file name, file size, and file type). |
| Virtual Analyzer Analysis Logs: URL Analysis Events | URL analysis events from Virtual Analyzer. These logs contain the URLs analyzed and potential threats. |
| Virtual Analyzer Analysis Logs: Notable Characteristics Events | Notable characteristics events from Virtual Analyzer. These logs contain information about notable characteristics events that are triggered by the analyzed samples. |
| Virtual Analyzer Analysis Logs: Deny List Transaction Events | Deny list transaction events from Virtual Analyzer. These logs contain actions performed on specific deny lists and information about the deny list objects (such as SHA1 or URL). |
| Message Tracking Logs | These logs indicate if email messages are received or sent from Deep Discovery Email Inspector and include evidence of email message investigation. |
| Sender Filtering/Authentication Logs | These logs include sender authentication results and actions performed. |
| System Logs | These are audit logs or update logs from Deep Discovery Email Inspector. |
| MTA Logs | These logs contain information on Postfix connections and SMTP activities on Deep Discovery Email Inspector. Raw MTA logs are sent directly to syslog servers. |
| Time-of-Click Protection Logs | These logs contain information on the detections of URLs at the time of user clicks and the actions performed. |