Device Details

Device Name: Mimecast Email
Vendor: Mimecast
Device Type: Enhanced Logging feature (Download Log File Data)
Supported Model Name/Number: All
Supported Software Version(s): All
Collection Method: Flat File
Configurable Log Output?: N/A
Log Source Type: Flat File - Mimecast Email
Log Processing Policy: LogRhythm Default
Exceptions: N/A
Additional Information: https://www.mimecast.com/tech-connect/documentation/tutorials/understanding-siem-logs/

Prerequisites

    • To use this endpoint, the logged-in user must be a Mimecast administrator with at least the Accounts | Dashboard | Read permission.

Supported Log Messages

(List of LR Tags used to parse the log information for each message type)

| Type | Product Version | Supported Schema Fields |
|---|---|---|
| Email Attachment | All | <account>, <objectname>, <hash>, <size>, <dip>, <recipient>, <domainorigin>, <objecttype>, <sender> |
| Email Spam Information | All | <vmid>, <quantity>, <dip>, <status>, <tag2>, <reason>, <object>, <url>, <subject>, <login>, <sender>, <recipient>, <tag1>, <action>, <protname>, <hash>, <amount> |
| Email Statistic Information | All | <vmid>, <action>, <quantity>, <objectname>, <size>, <url>, <amount> |
| General Blocked Event | All | <reason>, <url>, <status>, <dip>, <dname>, <sender>, <recipient>, <domain> |
| General Email Attachment Message | All | <vmid>, <dip>, <objecttype>, <url>, <subject>, <quantity>, <sender>, <recipient>, <size>, <protname>, <bytesout>, <policy> |
| General Email Information | All | <vmid>, <status>, <dip>, <quantity>, <tag1>, <object>, <subject>, <url>, <login>, <amount>, <sender>, <recipient>, <size>, <protname>, <hash>, <itemsout> |
| General Email Information 2 | All | <vmid>, <sender>, <recipient>, <size>, <status>, <itemsout>, <quantity>, <action>, <tag2>, <protname>, <dip>, <hash>, <tag1>, <object>, <url>, <subject>, <login>, <objectname>, <objecttype> |
| General Email Information 3 | All | <vmid>, <action>, <object>, <sender>, <recipient>, <quantity>, <dip>, <url>, <subject>, <login>, <sender>, <protname>, <hash>, <amount> |

Revision History

| KB Version | Log Type | Change Type | Details |
|---|---|---|---|
| KB 7.1.614.0 | Flat File | Documentation | Existing device configuration guide updated with new format. |