The following table lists the system event logs in Deep Discovery Email Inspector.
|
ID |
Log Type |
Message |
|---|---|---|
|
11001 |
Update events |
Product Updates: {USER} installed hot fix {VERSION} from {IP} |
|
11002 |
Update events |
Product Updates: {USER} rolled back hot fix {VERSION} from {IP} |
|
11003 |
Update events |
Product Updates: Appliance firmware upgraded by {USER} from {IP} |
|
12001 |
Update events |
Deep Discovery Director: Hotfix update successful |
|
12002 |
Update events |
Deep Discovery Director: Firmware update successful |
|
12003 |
Update events |
Deep Discovery Director: Virtual Analyzer image import successful |
|
12004 |
Update events |
Deep Discovery Director: Configuration update successful |
|
12005 |
Update events |
Deep Discovery Director: Unregistered by Deep Discovery Director administrator |
|
12101 |
Update events |
Deep Discovery Director: Suspicious object synchronization with Apex Central disabled |
|
12201 |
Update events |
Deep Discovery Director: End-User Quarantine configuration disabled |
|
130xx |
Update events |
ActiveUpdate: {COMPONENT} downloaded manually by {USER} from {IP} |
|
131xx |
Update events |
ActiveUpdate: {COMPONENT} unsuccessfully downloaded manually by {USER} from {IP} |
|
132xx |
Update events |
ActiveUpdate: {COMPONENT} downloaded by scheduled update |
|
133xx |
Update events |
ActiveUpdate: {COMPONENT} unsuccessfully downloaded by scheduled update |
|
134xx |
Update events |
ActiveUpdate: {COMPONENT} rolled back to version {VERSION} by {USER} from {IP} |
|
135xx |
Update events |
ActiveUpdate: {COMPONENT} unsuccessfully rolled back by {USER} from {IP} |
|
136xx |
Update events |
ActiveUpdate Exception - Apply {COMPONENT} {VERSION} to local scanner failed |
|
20101 |
Audit log |
System started |
|
20102 |
Audit log |
System stopped |
|
20201 |
Audit log |
Service started |
|
20202 |
Audit log |
Service stopped |
|
20301 |
Audit log |
License: {NAME} license expired, grace period ends on {DATE} |
|
20302 |
Audit log |
License: {NAME} license expired |
|
20303 |
Audit log |
License: {NAME} license updated |
|
20401 |
Audit log |
System Maintenance: Device powered off by {USER} from {IP} |
|
20402 |
Audit log |
System Maintenance: Device restarted by {USER} from {IP} |
|
20501 |
Audit log |
Logon: 'admin' logged on from {HOST} via SSH |
|
20502 |
Audit log |
Logon: Attempted logon with user name ('admin') from {HOST} via SSH |
|
20503 |
Audit log |
Logon: 'root' logged on from {HOST} with token {NAME} via SSH |
|
20504 |
Audit log |
Logon: Attempted logon with user name ('root') from {HOST} via SSH |
|
20505 |
Audit log |
Logon: 'admin' logged off from {HOST} via SSH |
|
20506 |
Audit log |
Logon: 'root' logged off from {HOST} with token {NAME} via SSH |
|
20507 |
Audit log |
Logon: Attempted logon with user name {USER} from {HOST} via SSH |
|
30101 |
Audit log |
Active update source setting was changed |
|
30102 |
Audit log |
Active update schedule setting was changed |
|
30201 |
Audit log |
System Settings: Host name saved as {NAME} by {USER} from {IP} |
|
30202 |
Audit log |
System Settings: {INTERFACE} IPv4 address and subnet mask were saved as {SUBNET} by {USER} from {IP} |
|
30203 |
Audit log |
System Settings: {INTERFACE} IPv6 address and prefix length were saved as {IP}/{LENGTH} by {USER} from {IP} |
|
30204 |
Audit log |
System Settings: {INTERFACE} IPv4 gateway saved as {GATEWAY} by {USER} from {IP} |
|
30205 |
Audit log |
System Settings: {INTERFACE} IPv6 gateway saved as {GATEWAY} by {USER} from {IP} |
|
30206 |
Audit log |
System Settings: {INTERFACE} primary IPv4 DNS server saved as {IP} and secondary IPv4 DNS server saved as {IP} by {USER} from {IP} |
|
30207 |
Audit log |
System Settings: {INTERFACE} primary IPv6 DNS server saved as {IP} and secondary IPv6 DNS server saved as {IP} by {USER} from {IP} |
|
30208 |
Audit log |
System Settings: {INTERFACE} IPv4 address and subnet mask deleted by {USER} from {IP} |
|
30209 |
Audit log |
System Settings: NIC teaming settings changed by {USER} from {IP} |
|
30301 |
Audit log |
System Settings: Operation mode saved as {MODE} by {USER} from {IP} |
|
30401 |
Audit log |
System Settings: Proxy settings modified by {USER} from {IP} |
|
30402 |
Audit log |
System Settings: Proxy settings unsuccessfully modified by {USER} from {IP} |
|
30501 |
Audit log |
System Settings: SMTP server settings modified by {USER} from {IP} |
|
30601 |
Audit log |
System Settings: System time zone saved as {ZONE} by {USER} from {IP} |
|
30602 |
Audit log |
System Settings: NTP server synchronization enabled by {USER} from {IP} |
|
30603 |
Audit log |
System Settings: NTP server synchronization disabled by {USER} from {IP} |
|
30604 |
Audit log |
System Settings: System time saved as {TIME} by {USER} from {IP} |
|
30605 |
Audit log |
System Settings: Database time zone saved as {ZONE} by {USER} from {IP} |
|
30606 |
Audit log |
System Settings: NTP server saved as {NAME} by {USER} from {IP} |
|
30701 |
Audit log |
System Settings: SNMP settings modified by {USER} from {IP} |
|
30702 |
Audit log |
System Settings: SNMP MIB files downloaded by {USER} from {IP} |
|
30703 |
Audit log |
System setting: Session timeout setting modified by {USER} from {IP} |
|
30801 |
Audit log |
Mail Settings: SMTP Connection setting saved by {USER} from {IP} |
|
30802 |
Audit log |
Mail Settings: TLS certificate uploaded by {USER} from {IP} |
|
30803 |
Audit log |
Mail Settings: TLS certificate downloaded by {USER} from {IP} |
|
30901 |
Audit log |
Mail Settings: Delivery profiles exported by {USER} from {IP} |
|
30902 |
Audit log |
Mail Settings: Delivery profiles unsuccessfully exported by {USER} from {IP} |
|
30903 |
Audit log |
Mail Settings: Delivery profiles imported by {USER} from {IP} |
|
30904 |
Audit log |
Mail Settings: Mail Settings: Delivery profiles unsuccessfully imported due to maximum entries (256) exceeded |
|
30905 |
Audit log |
Mail Settings: Delivery profiles unsuccessfully imported by {USER} from {IP} |
|
30906 |
Audit log |
Mail Settings: Delivery profile added by {USER} from {IP} |
|
30907 |
Audit log |
Mail Settings: Delivery profile modified by {USER} from {IP} |
|
30908 |
Audit log |
Mail Settings: Delivery profile deleted by {USER} from {IP} |
|
31001 |
Audit log |
Mail Settings: Mail settings modified by {USER} from {IP} |
|
31101 |
Audit log |
Mail Settings: SMTP server greeting saved by {USER} from {IP} |
|
31102 |
Audit log |
Mail Settings: Internal domain settings modified by {USER} from {IP} |
|
31103 |
Audit log |
Mail Settings: Internal domains imported by {USER} from {IP} |
|
31104 |
Audit log |
Mail Settings: Internal domain '%s' added through a policy by {USER} from {IP} |
|
31201 |
Audit log |
Log Settings: {NAME} syslog server profile created by {USER} from {IP} |
|
31202 |
Audit log |
Log Settings: {NAME} syslog server profile deleted by {USER} from {IP} |
|
31203 |
Audit log |
Log Settings: {NAME} syslog server profile modified by {USER} from {IP} |
|
31204 |
Audit log |
Log Settings: {NAME} enabled by {USER} from {IP} |
|
31205 |
Audit log |
Log Settings: {NAME} disabled by {USER} from {IP} |
|
31206 |
Audit log |
Integrated Products/Services: {USER} synchronized data for all LDAP servers from {IP} |
|
31207 |
Audit log |
Integrated Products/Services: {USER} enabled LDAP server {NAME} from {IP} Log Settings: {NAME} disabled by {USER} from {IP} |
|
31208 |
Audit log |
Integrated Products/Services: {USER} disabled LDAP server {NAME} from {IP} |
|
31301 |
Audit log |
Integrated Products/Services: SFTP Upload settings modified by {USER} from {IP} |
|
31402 |
Audit log |
Integrated Products/Services: {USER} added LDAP server {NAME} from {IP} |
|
31403 |
Audit log |
Integrated Products/Services: {USER} modified LDAP server {NAME} from {IP} |
|
31404 |
Audit log |
Integrated Products/Services: {USER} deleted LDAP server {NAME} from {IP} |
|
31405 |
Audit log |
Integrated Products/Services: {USER} synchronized data for LDAP server {NAME} from {IP} |
|
31406 |
Audit log |
Integrated Products/Services: {USER} synchronized data for all LDAP servers from {IP} |
|
31407 |
Audit log |
Integrated Products/Services: {USER} enabled LDAP server {NAME} from {IP} |
|
31408 |
Audit log |
Integrated Products/Services: {USER} disabled LDAP server {NAME} from {IP} |
|
31501 |
Audit log |
Integrated Products/Services: Threat Intelligent Sharing settings modified by {USER} from {IP} |
|
31502 |
Audit log |
Integrated Products/Services: {USER} generate suspicious objects list from {IP} |
|
31601 |
Audit log |
Integrated Products/Services: Auxiliary Products/Services settings modified by {USER} from {IP} |
|
31602 |
Audit log |
Integrated Products/Services: {USER} clicked Auxiliary Products/Services > Distribute Now from {IP} |
|
31701 |
Audit log |
Systems Settings: Apex Central settings modified by {USER} from {IP} |
|
31702 |
Audit log |
System Settings: Suspicious object synchronization enabled by {USER} from {IP} |
|
31703 |
Audit log |
System Settings: Suspicious object synchronization disabled by {USER} from {IP} |
|
31801 |
Audit log |
System Settings: Proxy settings for Deep Discovery Director modified by {USER} by {IP} |
|
31802 |
Audit log |
System Settings: Registered to Deep Discovery Director by {USER} from {IP} |
|
31803 |
Audit log |
System Settings: Unregistered from Deep Discovery Director by {USER} from {IP} |
|
31804 |
Audit log |
System Settings: Deep Discovery Director fingerprint trusted by {USER} from {IP} |
|
31901 |
Audit log |
Scanning / Analysis: Image imported by {USER} from {IP} |
|
31902 |
Audit log |
Scanning / Analysis: Image deleted by {USER} from {IP} |
|
31903 |
Audit log |
Scanning / Analysis: Number of instances for each Virtual Analyzer image modified by {USER} from {IP} |
|
32001 |
Audit log |
Scanning / Analysis: Virtual Analyzer settings modified by {USER} from {IP} |
|
32101 |
Audit log |
Scanning / Analysis: {PRODUCT NAME} registered to the external Virtual Analyzer |
|
32102 |
Audit log |
Scanning / Analysis: Unable to register to the external Virtual Analyzer |
|
32103 |
Audit log |
Scanning / Analysis: {PRODUCT NAME} unregistered from the external Virtual Analyzer |
|
32104 |
Audit log |
Scanning / Analysis: Virtual Analyzer external integration settings modified by {USER} from ''%s'' |
|
32201 |
Audit log |
Scanning / Analysis: File Passwords setting was modified by {USER} from {IP} |
|
32301 |
Audit log |
Scanning / Analysis: Smart Protection settings modified by {USER} from {IP} |
|
32401 |
Audit log |
Scanning / Analysis: Smart Feedback settings modified by {USER} from {IP} |
|
32501 |
Audit log |
Scanning / Analysis: {USER} added YARA rule {NAME} from {IP} |
|
32502 |
Audit log |
Scanning / Analysis: {USER} modified YARA rule {NAME} from {IP} |
|
32503 |
Audit log |
Scanning / Analysis: {USER} deleted YARA rule {NAME} from {IP} |
|
32504 |
Audit log |
Scanning / Analysis: {USER} modified status for YARA rule {NAME} from {IP} |
|
32510 |
Audit log |
Scanning / Analysis: Time-of-Click settings modified by {USER} from {IP} |
|
32520 |
Audit log |
Scanning / Analysis: High-Profile Users settings modified by {USER} from {IP} |
|
32521 |
Audit log |
Scanning / Analysis: Internal Domains settings modified by {USER} from {IP} |
|
32522 |
Audit log |
Scanning / Analysis: Approved Senders settings modified by {USER} from {IP} |
|
32523 |
Audit log |
Scanning / Analysis: Cousin Domains settings modified by {USER} from {IP} |
|
32530 |
Audit log |
Scanning / Analysis: URL Scanning setting modified by {USER} from {IP} |
|
32601 |
Audit log |
System Maintenance: Configuration imported by {USER} from {IP} |
|
32602 |
Audit log |
System Maintenance: Configuration unsuccessfully imported by {USER} from {IP} |
|
32603 |
Audit log |
System Maintenance: Configuration exported by {USER} from {IP} |
|
32604 |
Audit log |
System Maintenance: Configuration unsuccessfully exported by {USER} from {IP} |
|
32701 |
Audit log |
System Maintenance: Data purge started automatically |
|
32702 |
Audit log |
System Maintenance: Data purge completed ({MIN} min {SEC} s) |
|
32703 |
Audit log |
System Maintenance: Storage maintenance setting modified by {USER} from {IP} |
|
32801 |
Audit log |
System Maintenance: System log level setting modified by {USER} from {IP} |
|
32901 |
Audit log |
Accounts / Contacts: {USER} created the account {NAME} from {IP} |
|
32902 |
Audit log |
Accounts / Contacts: {USER} deleted the account {NAME} from {IP} |
|
32903 |
Audit log |
Accounts / Contacts: {USER} modified the account {NAME} from {IP} |
|
32904 |
Audit log |
Accounts / Contacts: {USER} unlocked the account {NAME} from {IP} |
|
33001 |
Audit log |
Logon: {USER} logged on as {ROLE} role from {IP} |
|
33002 |
Audit log |
Logon: {USER} logged off from {IP} |
|
33003 |
Audit log |
Logon: Attempted logon with an invalid user name ({USER}) or password from {IP} |
|
33004 |
Audit log |
Logon: Attempted logon with a disabled user name ({USER}) from {IP} |
|
33005 |
Audit log |
Logon: Attempted logon with a locked user name {NAME} from {IP} |
|
33006 |
Audit log |
Logon: Unlocked user name {NAME} from {IP} |
|
33007 |
Audit log |
RDQA Logon: ''{USER}'' logged on as {NAME} role from {IP} |
|
33008 |
Audit log |
RDQA Logon: ''{USER}" logged off |
|
33009 |
Audit log |
RDQA Logon: Attempted logon with an invalid user name ''{USER}'' or password from {IP} |
|
33010 |
Audit log |
RDQA Logon: Attempted logon with a disabled user name ''{USER}'' from {IP} |
|
33011 |
Audit log |
RDQA Logon: Attempted logon with a locked user name ''{USER}'' from {IP} |
|
33012 |
Audit log |
RDQA Logon: Unlocked user name ''{USER}'' from {IP} |
|
33101 |
Audit log |
Accounts / Contacts: Contacts for alert notifications and reports modified by {USER} from {IP} |
|
33201 |
Audit log |
Accounts / Contacts: {USER} modified the password for {NAME} from {IP} |
|
33202 |
Audit log |
Accounts / Contacts: {USER} added SAML group {NAME} from {IP} |
|
33203 |
Audit log |
Accounts / Contacts: {USER} modified SAML group {NAME} from {IP} |
|
33204 |
Audit log |
Accounts / Contacts: {USER} deleted SAML group {NAME} from {IP} |
|
33205 |
Audit log |
Accounts / Contacts: {USER} enabled SAML group {NAME} from {IP} |
|
33206 |
Audit log |
Accounts / Contacts: {USER} disabled SAML group {NAME} from {IP} |
|
33301 |
Audit log |
License: {NAME} license activated by {USER} from {IP} |
|
33302 |
Audit log |
License: Attempted to activate {NAME} license using an invalid Activation Code by {USER} from {IP} |
|
33303 |
Audit log |
License: {NAME} license updated by {USER} from {IP} |
|
33401 |
Audit log |
Policy: Policy setting changed by {USER} from {IP} |
|
33402 |
Audit log |
Policy: {USER} added policy {NAME} from {IP} |
|
33403 |
Audit log |
Policy: {USER} modified policy {NAME} from {IP} |
|
33404 |
Audit log |
Policy: {USER} imported policies from {IP} |
|
33405 |
Audit log |
Policy: {USER} deleted policy {NAME} from {IP} |
|
33406 |
Audit log |
Policy: {USER} copied policy {NAME} from {IP} |
|
33407 |
Audit log |
Policy: {USER} enabled policy {NAME} from {IP} |
|
33408 |
Audit log |
Policy: {USER} disabled policy {NAME} from {IP} |
|
33409 |
Audit log |
Policy: {USER} modified priority setting of policy {NAME} from {PRIORITY} to {PRIORITY} from {IP} |
|
33410 |
Audit log |
Policy: {USER} added content filtering rule {NAME} from {IP} |
|
33411 |
Audit log |
Policy: {USER} updated content filtering rule {NAME} from {IP} |
|
33412 |
Audit log |
Policy: {USER} copied content filtering rule {NAME} from {IP} |
|
33413 |
Audit log |
Policy: {USER} deleted content filtering rule {NAME} from {IP} |
|
33414 |
Audit log |
Policy: {USER} added antispam rule {NAME} from {IP} |
|
33415 |
Audit log |
Policy: {USER} updated antispam rule {NAME} from {IP} |
|
33416 |
Audit log |
Policy: {USER} copied antispam rule {NAME} from {IP} |
|
33417 |
Audit log |
Policy: {USER} deleted antispam rule {NAME} from {IP} |
|
33418 |
Audit log |
Policy: {USER} added advanced threat protection rule {NAME} from {IP} |
|
33419 |
Audit log |
Policy: {USER} updated advanced threat protection rule {NAME} from {IP} |
|
33420 |
Audit log |
Policy: {USER} copied advanced threat protection rule {NAME} from {IP} |
|
33421 |
Audit log |
Policy: {USER} deleted advanced threat protection rule {NAME} from {IP} |
|
33422 |
Audit log |
Policy: {USER} added policy notification {NAME} from {IP} |
|
33423 |
Audit log |
Policy: {USER} modified policy notification {NAME} from {IP} |
|
33424 |
Audit log |
Policy: {USER} deleted some policy notifications from {IP} |
|
33425 |
Audit log |
Policy: {USER} copied policy notification {NAME} from {IP} |
|
33426 |
Audit log |
Policy: {USER} added archive server {NAME} from {IP} |
|
33427 |
Audit log |
Policy: {USER} modified archive server {NAME} from {IP} |
|
33428 |
Audit log |
Policy: {USER} deleted some archive servers from {IP} |
|
33429 |
Audit log |
Policy: {USER} added DLP rule {NAME} from {IP} |
|
33430 |
Audit log |
Policy: '{USER} updated DLP rule {NAME} from {IP} |
|
33431 |
Audit log |
Policy: {USER} copied DLP rule {NAME} from {IP} |
|
33432 |
Audit log |
Policy: {USER} deleted DLP rule {NAME} from {IP} |
|
33433 |
Audit log |
Policy Objects: {USER} added expression {NAME} from {IP} |
|
33434 |
Audit log |
Policy Objects: {USER} updated expression {NAME} from {IP} |
|
33435 |
Audit log |
Policy Objects: {USER} copied expression {NAME} from {IP} |
|
33436 |
Audit log |
Policy Objects: {USER} deleted expression {NAME} from {IP} |
|
33437 |
Audit log |
Policy Objects: {USER} imported expression file from {IP} |
|
33438 |
Audit log |
Policy Objects: {USER} added file attribute {NAME} from {IP} |
|
33439 |
Audit log |
Policy Objects: {USER} updated file attribute {NAME} from {IP} |
|
33440 |
Audit log |
Policy Objects: {USER} copied file attribute {NAME} from {IP} |
|
33441 |
Audit log |
Policy Objects: {USER} deleted file attribute {NAME} from {IP} |
|
33442 |
Audit log |
Policy Objects: {USER} imported file attribute file from {IP} |
|
33443 |
Audit log |
Policy Objects: {USER} added keyword list {NAME} from {IP} |
|
33444 |
Audit log |
Policy Objects: {USER} updated keyword list {NAME} from {IP} |
|
33445 |
Audit log |
Policy Objects: {USER} copied keyword list {NAME} from {IP} |
|
33446 |
Audit log |
Policy Objects: {USER} deleted keyword list {NAME}from {IP} |
|
33447 |
Audit log |
Policy Objects: {USER} imported keyword list file from {IP} |
|
33448 |
Audit log |
Policy Objects: {USER} added template {NAME} from {IP} |
|
33449 |
Audit log |
Policy Objects: {USER} updated template {NAME} from {IP} |
|
33450 |
Audit log |
Policy Objects: {USER} copied template {NAME} from {IP} |
|
33451 |
Audit log |
Policy Objects: {USER} deleted template {NAME} from {IP} |
|
33452 |
Audit log |
Policy Objects: {USER} imported template file from {IP} |
|
33453 |
Audit log |
Policy Objects: {USER} added policy stamp {NAME} from {IP} |
|
33454 |
Audit log |
Policy Objects: {USER} modified policy stamp {NAME} from {IP} |
|
33455 |
Audit log |
Policy Objects: {USER} deleted some policy stamps from {IP} |
|
33456 |
Audit log |
Policy Objects: {USER} enabled policy stamp {NAME} from {IP} |
|
33457 |
Audit log |
Policy Objects: {USER} disabled policy stamp {NAME} from {IP} |
|
33501 |
Audit log |
Policy: Policy exception settings modified by {USER} from {IP} |
|
33502 |
Audit log |
Policy: Graymail exception settings modified by {USER} from {IP} |
|
33601 |
Audit log |
Alerts: Alert rule settings modified by {USER} from {IP} |
|
33701 |
Audit log |
Report: Report settings changed by {USER} from {IP} |
|
33801 |
Audit log |
Detected Messages: Message {NAME} downloaded by {USER} from {IP} |
|
33802 |
Audit log |
Detected Messages: Investigation package {NAME} downloaded by {USER} from {IP} |
|
33901 |
Audit log |
Quarantine: MsgID {ID} released by {USER} from {IP} |
|
33902 |
Audit log |
Quarantine: MsgID {ID} deleted by {USER} from {IP} |
|
33903 |
Audit log |
Quarantine: Resumed processing message {ID} by {USER} from {IP} |
|
33904 |
Audit log |
Quarantine: Message {ID} unlocked and reprocessed by {USER} from {IP} |
|
34001 |
Audit log |
Unable to distribute suspicious objects to Check Point OPSEC. Verify that the Check Point OPSEC settings are correct and that no network problem exists. |
|
34002 |
Audit log |
Unable to distribute suspicious objects to Trend Micro TippingPoint SMS. Verify that the Trend Micro TippingPoint SMS settings are correct and that no network problem exists. |
|
34003 |
Audit log |
Unable to distribute suspicious objects to IBM Security Network Protection XGS. Verify that the IBM Security Network Protection XGS settings are correct and that no network problem exists. |
|
34004 |
Audit log |
Unable to distribute suspicious objects to Palo Alto Panorama or Firewalls. Verify that the Palo Alto Panorama or Firewalls settings are correct and that no network problem exists. |
|
34005 |
Audit log |
Unable to generate suspicious objects list. Verify that the Threat Intelligence Sharing settings are correct. |
|
34101 |
Audit log |
End-User Quarantine: EUQ settings modified by {USER} from {IP} |
|
34102 |
Audit log |
End-User Quarantine: User Quarantine Access settings modified by {USER} from {IP} |
|
34103 |
Audit log |
End-User Quarantine: EUQ Digest settings modified by {USER} from {IP} |
|
34201 |
Audit log |
Sender Filtering: Approved Senders list modified by {USER} from {IP} |
|
34202 |
Audit log |
Sender Filtering: ERS settings modified by {USER} from {IP} |
|
34203 |
Audit log |
Sender Filtering: DHA protection settings modified by {USER} from {IP} |
|
34204 |
Audit log |
Sender Filtering: Bounced attack protection settings modified by {USER} from {IP} |
|
34205 |
Audit log |
Sender Filtering: SMTP traffic throttling settings modified by {USER} from {IP} |
|
34206 |
Audit log |
Sender Filtering: Blocked Senders list modified by {USER} from {IP} |
|
34207 |
Audit log |
Sender Filtering: Some Blocked Senders list entries moved to Approved Senders list by {USER} from {IP} |
|
34208 |
Audit log |
Sender Filtering: SPF settings modified by {USER} from {IP} |
|
34209 |
Audit log |
Sender Filtering: DKIM Authentication settings modified by {USER} from {IP} |
|
34210 |
Audit log |
Sender Filtering: DKIM Signatures settings modified by {USER} from {IP} |
|
34211 |
Audit log |
Sender Filtering: DMARC settings modified by {USER} from {IP} |
|
35001 |
Audit log |
Message Queues: Messages deleted by {USER} from {IP} |
|
35002 |
Audit log |
Message Queues: Messages delivered by {USER} from {IP} |
|
35003 |
Audit log |
Message Queues: All messages delivered by {USER} from {IP} |
|
35004 |
Audit log |
Message Tracking: Investigation package {NAME} downloaded by {USER} from {IP} |
|
35005 |
Audit log |
Email Submissions: Message submitted by {USER} from {IP} |
|
35006 |
Audit log |
Message Queues: Messages rerouted by to {IP} by {USER} from {IP} |
|
35007 |
Audit log |
Message Queues: All messages rerouted by to {IP} by {USER} from {IP} |
|
35011 |
Audit log |
Integrated Products/Services: Registered to Email Encryption server by {USER} from {IP} |
|
35012 |
Audit log |
Integrated Products/Services: Domain {DOMAIN} added to Email Encryption server by {USER} from {IP} |
|
35013 |
Audit log |
Integrated Products/Services: Domain {DOMAIN} deleted from Email Encryption server by {USER} from {IP} |
|
35014 |
Audit log |
Integrated Products/Services: Key file uploaded to Email Encryption server for domain {DOMAIN} by {USER} from {IP} |
|
35016 |
Audit log |
Integrated Products/Services: Default sender modified to {SENDER} for Email Encryption by {USER} from {IP} |
|
35017 |
Audit log |
Integrated Products/Services: Email address modified to {EMAIL} for Email Encryption by {USER} from {IP} |
|
35021 |
Audit log |
Integrated Products/Services: {USER} added identity provider server {NAME} from {IP} |
|
35022 |
Audit log |
Integrated Products/Services: {USER} modified identity provider server {NAME} from {IP} |
|
35023 |
Audit log |
Integrated Products/Services: {USER} deleted identity provider server {NAME} from {IP} |
|
35024 |
Audit log |
Integrated Products/Services: {USER} enabled identity provider server {NAME} from {IP} |
|
35025 |
Audit log |
Integrated Products/Services: {USER} disabled identity provider server {NAME} from {IP} |
|
35026 |
Audit log |
Integrated Products/Services: {USER} updated certificate for management console from {IP} |
|
35027 |
Audit log |
Integrated Products/Services: {USER} updated certificate for EUQ console from {IP} |
|
35028 |
Audit log |
Logon: {USER} logged on via identity provider server {NAME} as {ROLE} from {IP} |
|
35029 |
Audit log |
Logon: {USER} logged off via identity provider server {NAME} from {IP} |
|
41001 |
EUQ log |
EUQ: {USER} logged on from {IP} |
|
41002 |
EUQ log |
EUQ: {USER} logged off from {IP} |
|
41003 |
EUQ log |
EUQ: MsgID {ID} released by {USER} from {IP} |
|
41004 |
EUQ log |
EUQ: MsgID {ID} deleted by {USER} from {IP} |
|
41005 |
EUQ log |
EUQ: Approved Senders list modified by {USER} from {IP} |
|
41006 |
EUQ log |
EUQ: {USER} logged on via identity provider server {NAME} from {IP} |
|
41007 |
EUQ log |
EUQ: {USER} logged off via identity provider server {NAME} from {IP} |