Skip to main content
My preferencesSign out
Proofpoint, Inc.

Viewing logged messages

Situation You need to confirm message delivery and search through large amounts of delivered messages for specific emails.

Steps on how to view the message Logs and refine your searching, and:

  • Types of Users
  • How to View All User Logs
  • Search Criteria
  • Refine Searching

Types of Users

It should be highlighted here that the different roles have fundamental differences.

  • Silent-Users: have no access into the Proofpoint Essentials interface.
  • End-Users: by default, are automatically shown the logs upon log-in.
  • Admins: Need to navigate to the specific email address or go to the logs page.

How to view All User logs

The logs will allow you to view what has been sent or received into the system.

Log Search Limits

  • Logs are only available for the last 30 days.
  • Log searching is limited to 1000 results.
  1. Log into your appropriate stack. Please check this KB if you are unsure where to log-in.
  2. To review all users, click the Log Search tab on the left.
    1. You are taken to the All Users tab to search.
  3. The below search parameters are available:  UI_SEARCH.PNG
  4. Use the search parameters as desired.
    1. The default date range is set to search the last 7 days.
  5. Click Search.

The log output is a line by line output compared to the parameters you are searching for. Per the limits mentioned, please see the following tips for refining your search.

Search Results

By design, the search results always only shows 10 results. You can change the parameter, but this resets every time you search.

Log Details

For a more in depth review of an actual message, please review the Log Details. The details will allow you to also provide support with a Permalink when requested.

Search Criteria

  • Type
    • Inbound Mail - received email to the customer
    • Outbound Mail - sent email from customer (if set-up to use Outbound)
  • Status
    • ANY - All mail
    • Quarantined - Any messages that Proofpoint services stopped; either by standard spam or custom filtering
    • Reported - Messages tthat were reported using the 'Classify as...' option
    • Blocked - Messages that were classified as a [possible] virus
    • Cleared - Messages that did not get stopped by spam or allowed via a filter
    • Cleared (but queued for delivery) - Deferred email that is waiting delivery to mail server
    • Cleared (but bounced by destination) - Bounced email that we could not deliver to the destination
    • Cleared (released from quarantine) - Messages previously quarantined that have been released.
  • Date - See the next section on refining search
  • FROM - Email sender
  • TO - Email recipient
  • SUBJECT - Content found in the message subject

Hide Log/Deleted Log

If a user/admin performs the action to hide the email from log, or a filter designates to hide the message from log, this will not be found in the search criteria, as they have been permanently hidden from the search.

Refine searching

The log searching in general can provide too much data. You may want to refine your search based on separate items.

Specific Account searching

As part of the searching, you are defaulted to see All Users. At the top of the search, you can choose to limit searching by specific users, groups, or functional accounts. If you know it is to a specific email address, you may want to limit searching to the address.