Retrieves mail tracking logs that meet specified criteria.
HTTP Request
GET https://<serviceURL>/api/v1/log/mailtrackinglog?type=<type>[&domain=<domain>][&start=<start>][&end=<end>][&limit=<limit>][&token=<token>]
Request Parameters
|
Parameter |
Required |
Description |
|---|---|---|
|
domain |
No |
Domain from which you want to retrieve mail tracking logs. If this parameter is not specified, the logs from all domains are queried. |
|
direction |
No |
Direction of the logs that you want to retrieve. Options include:
|
|
type |
Yes |
Email traffic type of the logs that you want to retrieve. Options include:
Important:
Specify one type at a time. |
|
start end |
No |
Start and end time period to retrieve logs. Format: ISO 8601 timestamp to the second or millisecond in UTC, yyyy-mm-ddThh:mm:ss[.mmm]Z Example: 2016-07-22T01:51:31Z or 2016-07-22T01:51:31.001Z The request retrieves logs generated within a maximum of 72 hours before the request is sent according to the start and end settings:
|
|
limit |
No |
Maximum number of log items to return in each response. The default value is 500. If the total log items requested exceed the specified limit, a token is provided in the nextToken parameter in the response. Use this token to form a second request to retrieve the next set of log items. Repeat this until the nextToken parameter is not returned in a response. |
|
token |
No |
Use the value of nextToken returned in the previous response to retrieve the next set of log items. |
HTTP Request Example
GET https://<serviceURL>/api/v1/log/mailtrackinglog?domain=example.com&type=accepted_traffic&start=2020-11-25T00:00:00Z&end=2020-11-25T23:59:59Z&limit=1&token=Lu2XNNHim8CZpKoJEJKREJj6jpojv HTTP/1.1 Authorization: Basic c2FtcGxlOmZqZmo0OTBpNGpnaDAzM2dsajQzYXB3ZW1hMzEwdjEwamIxZ2lrM2oz Accept-Encoding: gzip
Response
On success, the service sends back an HTTP 200 response and returns a response body in JSON format; otherwise, the response body contains error details. For more information about errors, see API Response Codes.
|
Status Code |
Description |
|---|---|
|
200 |
Successful. The mail tracking logs are returned in the response body. |
The response body is an array of log objects in JSON format.
Response Example
HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
{
"nextToken": "Lu2XNNHim8CZpKoJEJKREJj6jpojvvROIwMK6xL+zILf8DsPpkW5W8/XhJiWH5tsJh8VrkdCIvpmJPEd71JKaUVoxTzDTU8/3RZVvYMfxzSyGIl2XYpWj9Qo+wigLGpHY4w==",
"logs": [
{
"genTime": "2020-11-25T06:53:19Z",
"timestamp": "2020-11-25T06:53:18Z",
"deliveryTime": "2020-11-25T06:53:28Z",
"sender": "sender@example.com",
"direction": "in",
"messageID": "<7bebfeb6-f035-451f-8c4f-3377ab457b07@atl1s07mta2135.xt.local>",
"subject": "response sample",
"size": 66390,
"mailID": "73173f80-2e0e-46df-b2dc-a62e80167067",
"recipient": "rcpt@example.com",
"action": "Delivered",
"tlsInfo": "upstreamTLS: TLS 1.2; downstreamTLS: TLS 1.2",
"headerFrom": "header_sender@example.com",
"headerTo": [
"header_rcpt1@example.com",
"header_rcpt2@example.com",
"header_rcpt3@example.com"
],
"senderIP": "1.1.1.1",
"deliveredTo": "2.2.2.2",
"attachments": [{
"fileName": "test1.zip",
"sha256": "f78960148721b59dcb563b9964a4d47e2a834a4259f46cd12db7c1cfe82ff32e"
}, {
"fileName": "test2.zip",
"sha256": "329436266f3927e89ea961e26855c8bd1f51401d92babd6627e493295376daf5"
}
],
"embeddedUrls": [
"http://example1.com",
"http://example2.com"
],
"details": "250 2.0.0 Ok: queued as 3CBEFC0811"
}
]
}
Response Parameters
|
Name |
Type |
Description |
|---|---|---|
|
nextToken |
String |
Token string for the follow-up request if the total log items requested exceed the specified limit to retrieve at a time. Use this string to form a second request to retrieve the next set of log items. Repeat this until the NextToken parameter is not returned in a response anymore. |
|
logs |
JSON array |
Overall information of the requested mail tracking log items. |
|
timestamp |
ISO 8601 timestamp |
Date and time when Trend Micro Email Security received the email message. |
|
genTime |
ISO 8601 timestamp |
Date and time when the mail tracking log was generated. |
|
deliveryTime |
ISO 8601 timestamp |
Date and time when Trend Micro Email Security sent the email message to the next hop. Note:
This field is returned only when the returned action is Delivered, Bounced, Expired, or Deferred. |
|
sender |
String |
Email address of the sender. |
|
headerFrom |
String |
Email address of the sender in the mail header. |
|
recipient |
String |
Email address of the recipient. |
|
headerTo |
String |
Email address(es) of the recipient(s) in the mail header. |
|
subject |
String |
Subject of the email message. |
|
senderIP |
String |
Source IP address. |
|
deliveredTo |
String |
Relay MTA address. |
|
mailID |
String |
Internal email message ID. |
|
direction |
String |
Direction of the email message. |
|
messageID |
String |
ID of the email message. |
|
size |
Integer |
Size of the email message, in bytes. |
|
action |
String |
Action that Trend Micro Email Security took on the email message. |
|
reason |
String |
Reason why the email message was blocked. |
|
attachments |
JSON array |
Attachment information of the email message. |
|
fileName |
String |
Name of the attachment file. |
|
sha256 |
String |
SHA256 checksum string of the attachment file. |
|
embeddedUrl |
String array |
URL(s) embedded in the email message. |
|
tlsInfo |
String |
Upstream and downstream TLS status. |
|
details |
String |
|