Vendor Documentation
Classification
|
Rule Name |
Rule Type |
Classification |
Common Event |
|---|---|---|---|
|
Message Bounced or Delayed |
Base Rule |
Ops/Warning |
Message Temporarily Rejected |
|
Bounced : Bad Destination Email Address |
Sub Rule |
Ops/Warning |
Bad Address |
|
Bounced : Bad Destination Host |
Sub Rule |
Ops/Warning |
Host Not Found |
|
Bounced : Other Mail System Problem |
Sub Rule |
Ops/Warning |
Mail Warning |
|
Bounced : Unknown Address |
Sub Rule |
Ops/Warning |
Bad Address |
|
Delayed : Unknown Address |
Sub Rule |
Ops/Warning |
Bad Address |
|
Delayed : Other Mail System Problem |
Sub Rule |
Ops/Warning |
Mail Warning |
|
Bounced : Message Too Old |
Sub Rule |
Ops/Warning |
Delivery Time Expired |
|
Double Bounce : Message Too Old |
Sub Rule |
Ops/Warning |
Delivery Time Expired |
|
Double Bounce : Bad Destination Email Address |
Sub Rule |
Ops/Warning |
Bad Address |
|
Double Bounce : Bad Destination Host |
Sub Rule |
Ops/Warning |
Host Not Found |
|
Double Bounce : Other Mail System Problem |
Sub Rule |
Ops/Warning |
Mail Warning |
|
Double Bounce : Unknown Address |
Sub Rule |
Ops/Warning |
Bad Address |
|
Delayed : Bad Destination Email Address |
Sub Rule |
Ops/Warning |
Bad Address |
|
Delayed : Bad Destination Host |
Sub Rule |
Ops/Warning |
Host Not Found |
Mapping with LogRhythm Schema
|
Device Key in Log Message |
LogRhythm Schema |
Data Type |
Schema Description |
|
|
<vmid> |
Number |
|
|
|
<dname> |
Text\String |
|
|
|
<domainorigin> |
Text\String |
|
|
MID |
<session> |
Number |
|
|
DCID |
<processid> |
Number |
|
|
|
<object> |
Text\String |
|
|
|
<recipient> |
Text\String |
|
|
|
<tag1> |
Text\String |
|
|
|
<tag2> |
Text\String |
|