Page Comparison

Table of Contents

minLevel	1
maxLevel	2
outline	false
style	none
type	flat
printable	true

Introduction

The tags beginning with dmarc.sendmarc identify events generated by Sendmarc.

Valid tags and data tables

The full tag must have four levels. The first two are fixed asdmarc.sendmarc. The third level identifies the type of events sent. The fourth level indicates the event subtype.

These are the valid tags and corresponding data tables that will receive the parsers' data:

For more information, read more about Devo tags.

Table structure

These are the fields displayed in these tables:

Expand

title	dmarc.sendmarc.bimi.domain

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
uuid	`str`
selector	`str`
record_type	`str`
value	`str`
ttl	`int4`
description	`str`
image_url	`str`
created_at	`timestamp`
updated_at	`timestamp`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.bimi.selector

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
uuid	`str`
selector	`str`
record_type	`str`
value	`str`
ttl	`int4`
description	`str`
image_url	`str`
created_at	`timestamp`
updated_at	`timestamp`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.dkim.domain

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
uuid	`str`
selector	`str`
record_type	`str`
value	`str`
ttl	`int4`
description	`str`
created_at	`timestamp`
updated_at	`timestamp`
file_path	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.dkim.public_key

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
uuid	`str`
selector	`str`
record_type	`str`
value	`str`
ttl	`int4`
description	`str`
created_at	`timestamp`
updated_at	`timestamp`
file_path	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.ip_address.aggregate_records_report

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
rid	`str`
organisation	`str`
published_policy_p	`str`
published_policy_sp	`str`
published_policy_pct	`int4`
published_policy_fo	`str`
published_policy_adkim	`str`
published_policy_aspf	`str`
rrid	`str`
count	`int4`
policy_evaluated_disposition	`str`
policy_evaluated_dkim	`str`
policy_evaluated_spf	`str`
policy_evaluated_override_reasons	`str`
identifiers_envelope_to	`str`
identifiers_envelope_from	`str`
identifiers_header_from	`str`
type	`str`
domain	`str`
result	`str`
dkim_selector	`str`
dkim_human_result	`str`
spf_scope	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.ip_address.domain

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
total_incidents	`str`
total_threat_incidents	`str`
total_blacklisted_incidents	`str`
total_complete_passes	`str`
total_dkim_fails_spf_passes	`str`
total_complete_failures	`str`
total_overrides_none	`str`
total_overrides_quarantine	`str`
total_overrides_reject	`str`
total_spf_fails_dkim_passes	`str`
total_forwards	`str`
source_uuid	`str`
source_group_uuid	`str`
organisation	`str`
service	`str`
service_type	`str`
category	`str`
asn	`str`
isp	`str`
source_ip	`str`
source_ipv4	`ip4`
source_ipv6	`ip6`
host_name	`str`
country	`str`
threat_level	`str`
threat_types	`str`
is_blacklisted	`int4`
blacklists	`str`
country_name	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.ip_address.sender

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
total_incidents	`str`
total_threat_incidents	`str`
total_blacklisted_incidents	`str`
total_complete_passes	`str`
total_dkim_fails_spf_passes	`str`
total_complete_failures	`str`
total_overrides_none	`str`
total_overrides_quarantine	`str`
total_overrides_reject	`str`
total_spf_fails_dkim_passes	`str`
total_forwards	`str`
source_uuid	`str`
source_group_uuid	`str`
organisation	`str`
service	`str`
service_type	`str`
category	`str`
asn	`str`
isp	`str`
source_ip	`str`
source_ipv4	`ip4`
source_ipv6	`ip6`
host_name	`str`
country	`str`
threat_level	`str`
threat_types	`str`
is_blacklisted	`int4`
blacklists	`str`
country_name	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.ip_address.source

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
total_incidents	`str`
total_threat_incidents	`str`
total_blacklisted_incidents	`str`
total_complete_passes	`str`
total_dkim_fails_spf_passes	`str`
total_complete_failures	`str`
total_overrides_none	`str`
total_overrides_quarantine	`str`
total_overrides_reject	`str`
total_spf_fails_dkim_passes	`str`
total_forwards	`str`
source_uuid	`str`
source_group_uuid	`str`
organisation	`str`
service	`str`
service_type	`str`
category	`str`
asn	`str`
isp	`str`
source_ip	`str`
source_ipv4	`ip4`
source_ipv6	`ip6`
host_name	`str`
country	`str`
threat_level	`str`
threat_types	`str`
is_blacklisted	`int4`
blacklists	`str`
country_name	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.sender.domain

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
total_incidents	`str`
total_threat_incidents	`str`
total_blacklisted_incidents	`str`
total_complete_passes	`str`
total_dkim_fails_spf_passes	`str`
total_complete_failures	`str`
total_overrides_none	`str`
total_overrides_quarantine	`str`
total_overrides_reject	`str`
total_spf_fails_dkim_passes	`str`
total_forwards	`str`
uuid	`str`
organisation	`str`
service	`str`
service_type	`str`
logo	`str`
spf_include	`str`
category	`str`
domain_uuid	`str`
is_spf_configured	`int4`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.sender.domain_detail

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
total_incidents	`str`
total_threat_incidents	`str`
total_blacklisted_incidents	`str`
total_complete_passes	`str`
total_dkim_fails_spf_passes	`str`
total_complete_failures	`str`
total_overrides_none	`str`
total_overrides_quarantine	`str`
total_overrides_reject	`str`
total_spf_fails_dkim_passes	`str`
total_forwards	`str`
uuid	`str`
organisation	`str`
service	`str`
service_type	`str`
logo	`str`
spf_include	`str`
category	`str`
domain_uuid	`str`
is_spf_configured	`int4`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.setting.dmarc

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
policy	`str`
subdomain_policy	`str`
policy_percentage	`int4`
aggregate_report_recipient_emails	`str`
aggregate_report_interval	`int4`
forensic_report_processing	`str`
forensic_report_recipient_emails	`str`
forensic_report_options	`str`
forensic_report_format	`str`
dkim_alignment	`str`
spf_alignment	`str`
created_at	`timestamp`
updated_at	`timestamp`
file_path	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.setting.spf

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
directives	`str`
modifiers	`str`
all_mechanism_qualifier	`str`
enable_optimization	`bool`
optimization_level	`str`
optimization_expires_at	`str`
optimization_meta_orig_num_lookup	`int4`
optimization_meta_orig_num_secondary_lookup	`int4`
optimization_meta_orig_num_void_lookup	`int4`
optimization_meta_num_lookup	`int4`
optimization_meta_num_secondary_lookup	`int4`
created_at	`timestamp`
updated_at	`timestamp`
file_path	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.setting.sts

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
enabled	`bool`
managed	`bool`
severity	`str`
created_at	`timestamp`
updated_at	`timestamp`
file_path	`str`
policy	`str`
mx_servers	`str`
mta_sts	`str`
tls_rpt	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.volume.group_total

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
total_incidents	`str`
total_complete_passes	`str`
total_spf_fails_dkim_passes	`str`
total_dkim_fails_spf_passes	`str`
total_complete_failures	`str`
total_overrides_none	`str`
total_overrides_quarantine	`str`
total_overrides_reject	`str`
total_sources	`int4`
grouping	`str`
grouping_value	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.volume.timeline

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
total_incidents	`str`
total_complete_passes	`str`
total_spf_fails_dkim_passes	`str`
total_dkim_fails_spf_passes	`str`
total_complete_failures	`str`
total_overrides_none	`str`
total_overrides_quarantine	`str`
total_overrides_reject	`str`
total_sources	`int4`
date	`timestamp`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Expand

title	dmarc.sendmarc.volume.total

Field	Type	Extra fields
eventdate	`timestamp`
machine	`str`
total_incidents	`str`
total_complete_passes	`str`
total_spf_fails_dkim_passes	`str`
total_dkim_fails_spf_passes	`str`
total_complete_failures	`str`
total_overrides_none	`str`
total_overrides_quarantine	`str`
total_overrides_reject	`str`
total_sources	`int4`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓

Versions Compared

Old Version 1

New Version 2

Key

Introduction

Valid tags and data tables

Table structure

Product / Service	Tags	Data tables
Sendmarc DMARC	`dmarc.sendmarc.bimi.domain`	`dmarc.sendmarc.bimi.domain`
	`dmarc.sendmarc.bimi.selector`	`dmarc.sendmarc.bimi.selector`
	`dmarc.sendmarc.dkim.domain`	`dmarc.sendmarc.dkim.domain`
	`dmarc.sendmarc.dkim.public_key`	`dmarc.sendmarc.dkim.public_key`
	`dmarc.sendmarc.ip_address.aggregate_records_report`	`dmarc.sendmarc.ip_address.aggregate_records_report`
	`dmarc.sendmarc.ip_address.domain`	`dmarc.sendmarc.ip_address.domain`
	`dmarc.sendmarc.ip_address.sender`	`dmarc.sendmarc.ip_address.sender`
	`dmarc.sendmarc.ip_address.source`	`dmarc.sendmarc.ip_address.source`
	`dmarc.sendmarc.sender.domain`	`dmarc.sendmarc.sender.domain`
	`dmarc.sendmarc.sender.domain_detail`	`dmarc.sendmarc.sender.domain_detail`
	`dmarc.sendmarc.setting.dmarc`	`dmarc.sendmarc.setting.dmarc`
	`dmarc.sendmarc.setting.spf`	`dmarc.sendmarc.setting.spf`
	`dmarc.sendmarc.setting.sts`	`dmarc.sendmarc.setting.sts`
	`dmarc.sendmarc.volume.group_total`	`dmarc.sendmarc.volume.group_total`
	`dmarc.sendmarc.volume.timeline`	`dmarc.sendmarc.volume.timeline`
	`dmarc.sendmarc.volume.total`	`dmarc.sendmarc.volume.total`