|Situation||You need to confirm message delivery and search through large amounts of delivered messages for specific emails.|
Steps on how to view the message Logs and refine your searching, and:
Types of Users
It should be highlighted here that the different roles have fundamental differences.
- Silent-Users: have no access into the Proofpoint Essentials interface.
- End-Users: by default, are automatically shown the logs upon log-in.
- Admins: Need to navigate to the specific email address or go to the logs page.
How to view All User logs
The logs will allow you to view what has been sent or received into the system.
Log Search Limits
- Logs are only available for the last 30 days.
- Log searching is limited to 1000 results.
- Log into your appropriate stack. Please check this KB if you are unsure where to log-in.
- To review all users, click the Log Search tab on the left.
- You are taken to the All Users tab to search.
- The below search parameters are available:
- Use the search parameters as desired.
- The default date range is set to search the last 7 days.
- Click Search.
The log output is a line by line output compared to your parameters you are searching for. Per the limits mentioned, please see the following tips for refining your search.
By design, the search results always only shows 10 results. You can change the parameter, but this resets every time you search.
- Inbound Mail - received email to the customer
- Outbound Mail - sent email from customer (if set-up to use Outbound)
- ANY - All mail
- Quarantined - Any messages that Proofpoint services stopped; either by standard spam or custom filtering
- Reported - Messages tthat were reported using the 'Classify as...' option
- Blocked - Messages that were classified as a [possible] virus
- Cleared - Messages that did not get stopped by spam or allowed via a filter
- Cleared (but queued for delivery) - Deferred email that is waiting delivery to mail server
- Cleared (but bounced by destination) - Bounced email that we could not deliver to the destination
- Cleared (released from quarantine) - Messages previously quarantined that have been released.
- Date - See the next section on refining search
- FROM - Email sender
- TO - Email recipient
- SUBJECT - Content found in the message subject
Hide Log/Deleted Log
If a user/admin performs the action to hide the email from log, or a filter designates to hide the message from log, this will not be found in the search criteria, as they have been permanently hidden from the search.
The log searching in general can provide too much data. You may want to refine your search based on separate items.
Specific Account searching
As part of the searching, you are defaulted to see All Users. At the top of the search, you can choose to limit searching by specific users, groups, or functional accounts. If you know it is to a specific email address, you may want to limit searching to the address.