This group includes tags that start with the level mail. These tags identify data generated by email servers.
| Company | Product / service | Valid tags |
|---|
| Agari Phishing Defense | mail.agari.phishing_defense.policy_eventsmail.agari.phishing_defense.messages
Check more info about these parsers |
| Cisco Email Security Appliance | |
| | |
| Microsoft Exchange Server
| mail.exchange.messagetrackingmail.exchange.ncsamail.exchange.w3c
|
| FortiMail: Secure Email Gateway | mail.fortinet.event.adminmail.fortinet.event.configmail.fortinet.event.hamail.fortinet.event.smtpmail.fortinet.event.updatemail.fortinet.spammail.fortinet.statisticsmail.fortinet.virus.infected
|
| KnowBe4 | mail.knowbe4.phisher.webhooks
Check more info about these parsers |
| Mimecast Secure Email Gateway
Mimecast Targeted Threat Protection | mail.mimecast.archivemail.mimecast.archive.messageviewmail.mimecast.archive.searchmail.mimecast.audit.eventsmail.mimecast.siemmail.mimecast.siem.deliverymail.mimecast.siem.jrnlmail.mimecast.siem.processmail.mimecast.siem.receiptmail.mimecast.ttpmail.mimecast.ttp.attachmentmail.mimecast.ttp.impersonationmail.mimecast.ttp.urlmail.mimecast.message.listmail.mimecast.message.summarymail.mimecast.threat.feedmail.mimecast.account.dashboard
Check more info about these parsers |
| Postfix mail server
| mail.postfix.errormail.postfix.info
|
| Proofpoint Email Protection | mail.proofpoint.tapsiem_v2 mail.proofpoint.sendmail mail.proofpoint.stdout mail.proofpoint.trap mail.proofpoint.tapsiem_v2.clicksblocked mail.proofpoint.tapsiem_v2.clickspermitted mail.proofpoint.tapsiem_v2.messagesblocked mail.proofpoint.tapsiem_v2.messagesdelivered
Check more info about these parsers |
| Trend Micro InterScan Messaging Security Suite (IMSS) | mail.smtp.as400alertsmail.smtp.dlpmail.smtp.generalmail.smtp.imss-polevtmail.smtp.spam-etimail.smtp.spam-spainmail.smtp.spam-tismail.smtp.spam-trap
|
