...
The Devo Mimecast Collector uses the Mimecast API to extract all the relevant information and send it as events to Devo.
Data sources
Data Sourcesource | Description | API Endpointendpoint | Devo table |
|---|
Audit | Audit Events | /api/audit/get-audit-events
| mail.mimecast.audit.events
|
Attachments | Attachment Protection Logs | /api/ttp/attachment/get-logs
| mail.mimecast.ttp.attachment
|
Impersonation | TTP Impersonation Protect Logs | /api/ttp/impersonation/get-logs
| mail.mimecast.ttp.impersonation
|
Url | TTP URL Logs | /api/ttp/url/get-logs
| mail.mimecast.ttp.url
|
Search | Search Logs | /api/archive/get-search-logs
| mail.mimecast.archive.search
|
View | Archive Message View Logs | /api/archive/get-view-logs
| mail.mimecast.archive.messageview
|
Threatfeed | Threat Intel Feed | /api/ttp/threat-intel/get-feed
| mail.mimecast.threat.feed
|
Messageholdlist | Hold Message List | /api/gateway/get-hold-message-list
| mail.mimecast.message.list
|
Messageholdsummary | Message Hold Summary List | /api/gateway/get-hold-summary-list
| mail.mimecast.message.summary
|
Dashboard | Dashboard Notifications | /api/account/get-dashboard-notifications
| mail.mimecast.account.dashboard
|
Siem | SIEM Logs | /api/audit/get-siem-logs
| mail.mimecast.siem.receipt
mail.mimecast.siem.process
mail.mimecast.siem.delivery
mail.mimecast.siem.jrnl
mail.mimecast.siem.av
mail.mimecast.siem.iep
mail.mimecast.siem.impersonation
mail.mimecast.siem.spameventthread
mail.mimecast.siem.ttp
|
...
