Email Gateway Security
Email Gateways - Email Security - Proxy email
eg: barracuda, mimecast,
Please check back often. These tables are updated regularly to accommodate new fields as provided by vendors.
Field Name
Data Type
agent.type
text
destination.as.organization.name
text
destination.geo.city_name
text
destination.geo.continent_code
text
destination.geo.country_code
text
destination.geo.country_name
text
destination.geo.location.lat
geopoint
destination.geo.location.lon
geopoint
destination.geo.region_name
text
destination.locality
text
email.attachments.file.extension
text
email.attachments.file.hash.md5
text
email.attachments.file.hash.sha1
text
email.attachments.file.hash.sha256
text
email.attachments.file.mime_type
text
email.attachments.file.name
text
email.attachments.file.name
text
email.attachments.file.size
int
email.attachments.file.size
int
email.direction
text
email.from.address
text
email.from.address
text
email.local_id
text
email.message_id
int
email.message.size
email.subject
text
email.to.address
text
error.code
int
error.message
text
error.type
text
event.action
text
event.category
array
event.created
date
event.dataset
text
event.id
text
event.kind
text
event.module
text
event.original
text
event.outcome
text
event.reason
text
event.severity
text
event.type
array
log.type
text
network.community_id
text
observer.type
text
organisation.id
text
related.hash
array
related.hosts
array
related.ip
array
related.user
array
rule.name
text
sensor.id
text
source.as.number
text
source.as.number
text
source.as.organization.name
text
source.domain
ip
source.geo.city_name
text
source.geo.continent_code
text
source.geo.country_code
text
source.geo.country_name
text
source.geo.location.lat
geopoint
source.geo.location.lon
geopoint
source.geo.region_name
text
source.ip
ip
source.locality
text
threatintel.days
int
threatintel.entity
text
threatintel.event_data
text
threatintel.lookup
text
threatintel.malware.malware
text
threatintel.malware.timestamp
date/time
threatintel.severity
text
threatintel.tags
text
threatintel.white_list
text
uuid
text