Retrieves mail tracking logs that meet specified criteria.
HTTP Request
GET https://<serviceURL>/api/v1/log/mailtrackinglog?type=<type>[&domain=<domain>][&start=<start>][&end=<end>][&limit=<limit>][&token=<token>]
Request Parameters
|
Parameter
|
Required
|
Description
|
||
|
domain
|
No
|
Domain from which you want to retrieve mail tracking logs.
If this parameter is not specified, the logs from all domains are queried.
|
||
|
direction
|
No
|
Direction of the logs that you want to retrieve. Options include:
|
||
|
type
|
Yes
|
Email traffic type of the logs that you want to retrieve. Options include:
|
||
|
start
end
|
No
|
Start and end time period to retrieve logs.
Format: ISO 8601 timestamp to the second or millisecond in UTC,
yyyy-mm-ddThh:mm:ss[.mmm]Z
Example: 2016-07-22T01:51:31Z or
2016-07-22T01:51:31.001Z
The request retrieves logs generated within a maximum of 72 hours before the
request is sent according to the
start and end
settings:
|
||
|
limit
|
No
|
Maximum number of log items to return in each response.
The default value is 500.
If the total log items requested exceed the specified limit, a token is provided
in the
nextToken parameter in the response. Use this token to
form a second request to retrieve the next set of log items.Repeat this until the
nextToken parameter is not returned in
a response. |
||
|
token
|
No
|
Use the value of
nextToken returned in the previous response
to retrieve the next set of log items. |
HTTP Request Example
GET https://<serviceURL>/api/v1/log/mailtrackinglog?domain=example.com&type=accepted_traffic&start=2020-11-25T00:00:00Z&end=2020-11-25T23:59:59Z&limit=1&token=Lu2XNNHim8CZpKoJEJKREJj6jpojv HTTP/1.1 Authorization: Basic c2FtcGxlOmZqZmo0OTBpNGpnaDAzM2dsajQzYXB3ZW1hMzEwdjEwamIxZ2lrM2oz Accept-Encoding: gzip
Response
On success, the service sends back an HTTP 200 response and returns a response body
in JSON
format; otherwise, the response body contains error details. For more information
about
errors, see API response codes.
|
Status Code
|
Description
|
|
200
|
Successful.
The mail tracking logs are returned in the response body.
|
The response body is an array of log objects in JSON format.
Response Example
HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
{
"nextToken": "Lu2XNNHim8CZpKoJEJKREJj6jpojvvROIwMK6xL+zILf8DsPpkW5W8/XhJiWH5tsJh8VrkdCIvpmJPEd71JKaUVoxTzDTU8/3RZVvYMfxzSyGIl2XYpWj9Qo+wigLGpHY4w==",
"logs": [
{
"genTime": "2020-11-25T06:53:19Z",
"timestamp": "2020-11-25T06:53:18Z",
"deliveryTime": "2020-11-25T06:53:28Z",
"sender": "sender@example.com",
"direction": "in",
"messageID": "<7bebfeb6-f035-451f-8c4f-3377ab457b07@atl1s07mta2135.xt.local>",
"subject": "response sample",
"size": 66390,
"mailID": "73173f80-2e0e-46df-b2dc-a62e80167067",
"recipient": "rcpt@example.com",
"action": "Delivered",
"tlsInfo": "upstreamTLS: TLS 1.2; downstreamTLS: TLS 1.2",
"headerFrom": "header_sender@example.com",
"headerTo": [
"header_rcpt1@example.com",
"header_rcpt2@example.com",
"header_rcpt3@example.com"
],
"senderIP": "1.1.1.1",
"deliveredTo": "2.2.2.2",
"attachments": [{
"fileName": "test1.zip",
"sha256": "f78960148721b59dcb563b9964a4d47e2a834a4259f46cd12db7c1cfe82ff32e"
}, {
"fileName": "test2.zip",
"sha256": "329436266f3927e89ea961e26855c8bd1f51401d92babd6627e493295376daf5"
}
],
"embeddedUrls": [
"http://example1.com",
"http://example2.com"
],
"details": "250 2.0.0 Ok: queued as 3CBEFC0811"
}
]
}
Response Parameters
|
Name
|
Type
|
Description
|
||
|
nextToken
|
String
|
Token string for the follow-up request if the total log items requested exceed
the specified limit to retrieve at a time.
Use this string to form a second request to retrieve the next set of log
items.
Repeat this until the
NextToken parameter is not returned in
a response anymore. |
||
|
logs
|
JSON array
|
Overall information of the requested mail tracking log items.
|
||
|
timestamp
|
ISO 8601 timestamp
|
Date and time when Trend Micro Email
Security received the
email message.
|
||
|
genTime
|
ISO 8601 timestamp
|
Date and time when the mail tracking log was generated.
|
||
|
deliveryTime
|
ISO 8601 timestamp
|
Date and time when Trend Micro Email
Security sent the email
message to the next hop.
|
||
|
sender
|
String
|
Email address of the sender.
|
||
|
headerFrom
|
String
|
Email address of the sender in the mail header.
|
||
|
recipient
|
String
|
Email address of the recipient.
|
||
|
headerTo
|
String
|
Email address(es) of the recipient(s) in the mail header.
|
||
|
subject
|
String
|
Subject of the email message.
|
||
|
senderIP
|
String
|
Source IP address.
|
||
|
deliveredTo
|
String
|
Relay MTA address.
|
||
|
mailID
|
String
|
Internal email message ID.
|
||
|
direction
|
String
|
Direction of the email message.
|
||
|
messageID
|
String
|
ID of the email message.
|
||
|
size
|
Integer
|
Size of the email message, in bytes.
|
||
|
action
|
String
|
Action that Trend Micro Email
Security took on the email
message.
|
||
|
reason
|
String
|
Reason why the email message was blocked.
|
||
|
attachments
|
JSON array
|
Attachment information of the email message.
|
||
|
fileName
|
String
|
Name of the attachment file.
|
||
|
sha256
|
String
|
SHA256 checksum string of the attachment file.
|
||
|
embeddedUrl
|
String array
|
URL(s) embedded in the email message.
|
||
|
tlsInfo
|
String
|
Upstream and downstream TLS status.
|
||
|
details
|
String
|
|
