To view specific data, select from the following optional attributes and operators, and type an associated value.
Attribute |
Operator |
Action |
---|---|---|
Sender |
Equals/Contains/Does not contain |
Type a value |
Recipient |
Equals/Contains/Does not contain |
Type a value |
Email Header (From) |
Has from/No from |
|
Equals/Contains/Does not contain |
Type a value |
|
Email Header (To) |
Equals/Contains/Does not contain |
Type a value |
Source IP |
Contains/Does not contain/Equals |
Type a value |
In range/Not in range |
Type a range |
|
Source IP Country/Region |
In/Not in |
Select one or more source IP countries |
Sender IP |
Contains/Does not contain/Equals |
Type a value |
In range/Not in range |
Type a range |
|
Sender IP Country/Region |
In/Not in |
Select one or more source IP countries |
Message ID |
Contains/Does not contain |
Type a value |
Subject |
Has subject/No subject |
|
Equals/Contains/Does not contain |
Type a value |
|
Direction |
Equals |
Select a direction |
URL |
Has URL/No URL |
|
Equals/Like/Contains/Does not contain |
Type a value |
|
File name |
Has file name/No file name |
|
Equals/Contains/Does not contain |
Type a value |
|
Has Password-protected Attachment |
Yes/No |
|
File SHA-1 |
Contains/Does not contain/Equals |
Type a value |
File SHA-256 |
Contains/Does not contain/Equals |
Type a value |
Threat Name |
Contains/Does not contain/Equals/Starts with |
Type a value |
Threat Type |
In/Not in |
Select one or more threat types |
Identified By |
In/Not in |
Select one or more identification sources |
Suspicious Object |
Contains/Does not contain/Equals/Starts with |
Type a value |
Policy |
Equals/Contains/Does not contain |
Type a value |
Policy Rule |
Equals/Contains/Does not contain |
Type a value |
YARA Rule File Name |
Has YARA rule file name/No YARA rule file name |
|
Contains/Does not contain/Equals |
Type a value |
|
Data Identifier |
Equals/Contains/Does not contain |
Type a value |
DLP Template |
Equals/Contains/Does not contain |
Type a value |
Is Manual Email Submission |
Yes/No |
|
Action |
In/Not in |
Select one or more actions |
For details, see the following: