Skip to main content
Skip table of contents

Trend Micro Mail Tracking Event

Vendor Documentation

https://docs.trendmicro.com/en-us/enterprise/trend-micro-email-security-online-help/logs-in-hes/managing-syslog/syslog-content-mappi/cef-detection-logs.aspx

https://docs.trendmicro.com/en-us/enterprise/trend-micro-email-security-online-help/logs-in-hes/managing-syslog.aspx

Classification

Rule NameRule TypeClassificationCommon Event
Trend Micro Mail Tracking EventBase RuleInformationGeneral Tracking Log
TRACKING - BouncedSub RuleWarningEmail Message Bounced
TRACKING - Delivery ErrorSub RuleErrorEmail Delivery Internal Error
TRACKING - DeletedSub RuleInformationEmail Deleted
TRACKING - DeliveredSub RuleInformationEmail Delivered
TRACKING - ExpiredSub RuleInformationEmail Message Expired
TRACKING - QuarantinedSub RuleFailed ActivityQuarantined Message
TRACKING - RedirectedSub RuleInformationEmail Message Redirected

Mapping with LogRhythm Schema

Device Key in Log Message

LogRhythm Schema

Data Type

Schema Description

logVerN/AN/ACEF format version
vendorN/AN/AAppliance vendor
pnameN/AN/AAppliance product
pverN/AN/AAppliance version
eventidN/AN/ASignature ID
eventName<vmid>Text/StringDescription
severity<severity> NumberEmail severity
rtN/AN/ALog generation time
suser<sender>Text/StringEmail sender
duser<recipient>Text/StringEmail recipients
msg <subject>Text/StringEmail subject
src<sip>IP AddressSource IP address
deviceTranslatedAddressN/AN/ARelay MTA IP address
cs1LabelN/AN/AInternal email message ID's label
cs1N/AN/AInternal email message ID
cs2LabelN/AN/AEmail message direction's label
cs2N/AN/AEmail message direction
cs3LabelN/AN/AUnique message identifier's label
cs3N/AN/AUnique message identifier
cs4LabelN/AN/AEmail attachments Label
cs4<objectname>
<hash>		Text/StringEmail attachments
cn1LabelN/AN/AEmail message size's label
cn1<size>NumberEmail message size
act<action>
<tag1>		Text/String

Action on an email message

Possible entries:

  • Bounced
  • Temporary delivery error
  • Deleted
  • Delivered
  • Expired
  • Quarantined
  • Redirected
  • Submitted to sandbox
  • Password analyzing
cs5LabelN/AN/ATLS information's label
cs5N/AN/ATLS information
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close