Barracuda Mailhub
Barracuda Email Security Gateway is a dedicated mail-security appliance that filters spam, malware and phishing before messages reach the mail server.
EnginsightGlobal Fields (4)
| Field | Type |
|---|---|
ngs.id Unique identifier for the log entry. | string |
ngs.createdAt Timestamp when the event was created locally. | pdate |
ngs.indexedAt Timestamp when the log was indexed into the SIEM. | pdate |
ngs.source Origin or source system of the log. | string |
Reference-Specific Fields (22)
| Field | Type |
|---|---|
barracudaMailhub.reasonExtra Additional textual details explaining why the mail was blocked, deferred, or accepted | text_general |
barracudaMailhub.destDomainname Fully qualified domain name of the mail's destination server | text_general |
barracudaMailhub.name Human-readable identifier for this mail processing instance or host | string |
barracudaMailhub.destIp IP address of the mail's destination server | text_general |
barracudaMailhub.start Timestamp when the mail transaction began or was received | pdate |
barracudaMailhub.recipient Email address of the intended recipient | text_general |
barracudaMailhub.spamScore Numeric spam-detection score assigned to the message | pfloat |
barracudaMailhub.reasonId Numeric code corresponding to the primary reason for the action | pint |
barracudaMailhub.action Textual description of the mailhub action (e.g., DELIVER, BOUNCE, QUARANTINE) | text_general |
barracudaMailhub.srcIp IP address of the client that submitted the email | text_general |
barracudaMailhub.encoded Boolean flag indicating whether the message was base64 or quoted-printable encoded | boolean |
barracudaMailhub.size Size of the message in bytes | plong |
barracudaMailhub.end Timestamp when the mail transaction completed or was handed off | pdate |
barracudaMailhub.subject Subject line of the email message | text_general |
barracudaMailhub.srcDomainname Fully qualified domain name of the client that sent the email | text_general |
barracudaMailhub.sendMsg Raw SMTP command or response logged during the send process | text_general |
barracudaMailhub.actionId Numeric code representing the specific action taken by the mailhub | pint |
barracudaMailhub.queueId Identifier of the mail message in the processing queue | string |
barracudaMailhub.sender Envelope sender address of the email | text_general |
barracudaMailhub.id Unique identifier for the mailhub log entry | string |
barracudaMailhub.destPort TCP port number used to connect to the destination mail server | pint |
barracudaMailhub.reason Primary textual reason for blocking, deferring, or delivering the mail | text_general |
Sample Log Event
Below is a representative JSON log entry showing key fields as they're emitted by the system. Depending on the context of the event, some fields may be omitted if they're not applicable.