maili-files

Fetch mail attachment logs from Mail-i elastic server.

maili-files [profile=PROFILE] [offset=NUM] [limit=NUM] [duration=NUM{mon|w|d|h|m|s}] [from=yyyyMMddHHmmss] [to=yyyyMMddHHmmss] [timeout=NUM{m|s}]

profile=PROFILE: Name of the Mail-i connect profile
offset=NUM: Skip count
limit=NUM: Max output count
duration=NUM{mon|w|d|h|m|s}: Fetch only recent data. You should use s(second), m(minute), h(hour), d(day), mon(month) time unit. For example, 10s means data from 10 seconds earlier.
from=yyyyMMddHHmmss: Start time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
to=yyyyMMddHHmmss: End time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero.
timeout=NUM{m|s}: Timeout in seconds. 30 by default.

Output Fields

Field	Type	Name	Description
_time	Date	Time
file_guid	String	File GUID
file_name	String	File name
file_size	Long	File size
file_path	String	File path
file_content	String	File content
app	String	Application	e.g. SMTP
mail_tag	String	Tag
mail_from	String	Mail from	Author of the message
mail_to	String	Recipient addresses	Recipients of the message delimited by new line.
mail_to_name	String	Recipient names	Delimited by new line.
mail_cc	String	Carbon copy addresses	Delimited by new line.
mail_cc_name	String	Carbon copy names	Delimited by new line.
mail_rcpt_to	String	Actual recipient addresses	Include BCC addresses delimited by new line
mail_rcpt_to_name	String	Actual recipient names	Include BCC names delimited by new line
mail_subject	String	Subject
mail_guid	String	Mail GUID
src_ip	IP address	Source IP
src_port	Integer	Source port
dst_ip	IP address	Destination IP
dst_port	Integer	Destination port	e.g. 25
protocol	String	Protocol
policy	String	Policy
action	String	Action