Skip to content

Sogo webmail

Description

Constructor: Sogo

Product: Mail

Log type: mx

Theoretical injector performance

11638 EPS

Log sample

1
sogo  Dec 27 06:25:09 sogod [18083]: 172.5.16.8 "GET /SOGo/so/T1234567@mythalesgroup.com/Mail/0/folderINBOX/folderSupport_SP_ESB/unseenCount HTTP/1.1" 200 13/0 0.272 - - 0
1
sogo  Sep 27 11:24:26 sogod [31864]: [ERROR] <0x0x7f77bc3c6178[NGImap4Connection]> could not select URL:imap://T1234567@thsmytmbx01p.online.corp.thales/Junk/: {RawResponse = "{ResponseResult = {description = ; result = no; tagId = 6; }; }"; reason = "Mailbox doesn't exist: Junk (0.001 + 0.039 + 0.039 secs)."; result = 0; }
1
sogo  Jan 04 07:38:21 sogod [29944]: [WARN] |SOGo| tried to access undefined KVC key: 'davCalendarHomeSet'

Fields normalization

Normalized field value / initial field
[alarm][sev] [grok][severity]
[init][host][ip] [grok][from_ip]
[init][process][name] [csv][init_process_name]
[init][usr][name] [grok][user]
[app][method] [grok][rest_method]
[app][version] [grok][http_version]
[host][ip] [grok][ip]
[obs][process][id] [csv][process_id]
[obs][process][name] [csv][process]
[rule][id] [csv][port]
[session][duration] [grok][response_time]
[session][in][byte] [grok][number_in]
[session][out][byte] [grok][number_out]
[target][uri][url] [grok][request]
[target][uri][url] [grok][request]
[vendor] [csv][techno]
[alarm][name] [grok][alarm]
[app][return][code] [grok][return_code]
[action] [csv][action]
[session][id] [grok][session_id]