Sogo webmail¶
Description¶
Constructor: Sogo
Product: Mail
Log type: mx
Theoretical injector performance¶
11638 EPS
Log sample¶
1 | sogo Dec 27 06:25:09 sogod [18083]: 172.5.16.8 "GET /SOGo/so/T1234567@mythalesgroup.com/Mail/0/folderINBOX/folderSupport_SP_ESB/unseenCount HTTP/1.1" 200 13/0 0.272 - - 0 |
1 | sogo Sep 27 11:24:26 sogod [31864]: [ERROR] <0x0x7f77bc3c6178[NGImap4Connection]> could not select URL:imap://T1234567@thsmytmbx01p.online.corp.thales/Junk/: {RawResponse = "{ResponseResult = {description = ; result = no; tagId = 6; }; }"; reason = "Mailbox doesn't exist: Junk (0.001 + 0.039 + 0.039 secs)."; result = 0; } |
1 | sogo Jan 04 07:38:21 sogod [29944]: [WARN] |SOGo| tried to access undefined KVC key: 'davCalendarHomeSet' |
Fields normalization¶
| Normalized field | value / initial field |
|---|---|
| [alarm][sev] | [grok][severity] |
| [init][host][ip] | [grok][from_ip] |
| [init][process][name] | [csv][init_process_name] |
| [init][usr][name] | [grok][user] |
| [app][method] | [grok][rest_method] |
| [app][version] | [grok][http_version] |
| [host][ip] | [grok][ip] |
| [obs][process][id] | [csv][process_id] |
| [obs][process][name] | [csv][process] |
| [rule][id] | [csv][port] |
| [session][duration] | [grok][response_time] |
| [session][in][byte] | [grok][number_in] |
| [session][out][byte] | [grok][number_out] |
| [target][uri][url] | [grok][request] |
| [target][uri][url] | [grok][request] |
| [vendor] | [csv][techno] |
| [alarm][name] | [grok][alarm] |
| [app][return][code] | [grok][return_code] |
| [action] | [csv][action] |
| [session][id] | [grok][session_id] |