Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Overview

Proofpoint on Demand API is designed for securing and managing email communications within your organization. The API provides access to Proofpoint's email protection services, including threat analysis, filtering, and reporting in real time.

Devo collector features

Feature

Details

Allow parallel downloading (multipod)

not allowed

Running environments

  • collector server

  • on-premise

Data sources

Source

Description

Devo table

Message

Application API provides operations to manage applications and/or assignments to users or groups for your organization.

mail.proofpoint.pod.message

Mail Log

Allows for the retrieval and analysis of detailed mail logs, giving insights into email traffic patterns, delivery status, and threat detection activities.

mail.proofpoint.pod.maillog

For more information on how the events are parsed, visit our page.

Vendor setup

Getting Proofpoint On Demand (PoD) credentials

Run the collector

Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (Cloud collector), or deploy and host the collector in your own machine using a Docker image (On-premise collector).

Change log

Release

Released on

Release type

Details

Recommendations

v1.1.0

NEW FEATURE BUG FIXING

New features

  • New parameters override_tag_base and override_url_base for config.yaml

  • Parametrize timestamp_field and datetime_format to collector_definitions.yaml

  • Reduce memory usage by changing time_window_hours to 1

  • Send messages and flush the ProcessingLayer's cache immediately on connection close

  • Optimize ProcessingLayer's performance

  • Detection when start_time has been changed to use it instead of persisted data (creates persistence v2)

  • Persistence data structure automatic migration from v1 to v2

  • Adapt unit tests to new functionalities

  • Mock web-socket server with Proofpoint POD API specifics for integration tests without credentials:

    • Rounding down sinceTime param to the nearest hour

    • Some events coming unsorted

Bug fixing

  • High CPU usage caused by a wait mechanism not working correctly

  • Reduce persisted data size, causing memory issues (INT-2562, INT-2489)

  • Improved duplicate filtering (2509)

Improvements

  • Upgrade DCSDK to v1.12.2 from v1.12.1

    • Upgrade DevoSDK dependency to version v5.4.0

Recommended version

v1.0.1

BUG FIXING

Bug fixing:

  • Added reset mechanism for stats counters to avoid growing them indefinitely

Upgrade

v1.0.0

NEW FEATURE

New features:

  • Used DCSDK 1.11.1

  • Based on websocket-client

  • Created services:

    • message

    • maillog

Initial version

  • No labels