From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 2009B809CC for ; Thu, 18 Nov 2021 19:18:24 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 0C56320B26 for ; Thu, 18 Nov 2021 19:17:54 +0100 (CET) Received: from mail-lf1-x12f.google.com (mail-lf1-x12f.google.com [IPv6:2a00:1450:4864:20::12f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id EEC5B20B12 for ; Thu, 18 Nov 2021 19:17:52 +0100 (CET) Received: by mail-lf1-x12f.google.com with SMTP id m27so30149340lfj.12 for ; Thu, 18 Nov 2021 10:17:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:from:date:message-id:subject:to; bh=lwr8jDUY9vZzMHSKyG9v9Kbe64NoZM3YWv9A4/ZDw9E=; b=OGmyaiYasheTzAGDVbZqPIcsFeOFcz0OVOKoyviqFBeF6mVwcQViJwTAg1fHAP3/eT Wb2OfEmzBDcUMIgBXqgrSxvGjLOYpza+Lrm5wiQ70GDHFBk/f5SRd0pQRBO8OmyLVI4v oSl7v9vUTbdYn9b7O0mU4/k1VDpzpu2q5/1Y9D94Sui7HVzOHWRtjDnTDHhPyMSkZ0px CozECWp0bVE42TadGP+Cma3eBrSwcq1IuipOGTI1ePxFxPCsYUevvjUkuk/nQWV2mNu4 M0miLHX/9evXd8aNU6yf1botBo2rvkznQ3eUBPh6Cqx/xJt/cevoxEVcsKtMpGguczds z3hQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=lwr8jDUY9vZzMHSKyG9v9Kbe64NoZM3YWv9A4/ZDw9E=; b=ObBvhw9Tb+FPawMGc1LETSDcat00fuf4f8X6cpj2HipJ2zTpaBQItACAXglo0Iky5O MVteDkMLbifSaOTQrh0b9EZrCEaBps8R0fmRtWA6/WIqYK/G8fM8zzrsldMU0OUo4mct lwywUrZhwaGPnoMYSUyH5Y4V6HgFLLlLg5wph4YmXAGgCNk/27StOImU6X9iRRSfmsLm RM11pt78H0j+zCiCk8c7/HhVAQPeAUJsCkIa2rH6s/BamLfj2L9qDX6sr+61nd1YJ9db nuENhAXIZejEasnC8Hf6cVw0DVrLxQHPdD0KrSIzDbW5eKeqBFJwDxu0bQejzus5JzJr YAWg== X-Gm-Message-State: AOAM533IUoXqlAPWWWGOFxRvKRABPZq7JvZ216oxAaPBSF21sc5gt2Fd Qbh8gPL9Wf+xmHJsjeml8OC0Beny/bc1dSb6GQiA2PtrXorMqw== X-Google-Smtp-Source: ABdhPJxAggEo0zxfgfR2X0f4HBV/2Epck2HMKj9KVS2VKurYohBILuvoOJUtME2FoGRYRI20i1VqiCwAaARuQHbD2SU= X-Received: by 2002:a05:6512:3322:: with SMTP id l2mr13559582lfe.556.1637259465838; Thu, 18 Nov 2021 10:17:45 -0800 (PST) MIME-Version: 1.0 From: =?UTF-8?B?TcOhcmlvIMOCbmdlbG8=?= Date: Thu, 18 Nov 2021 15:17:34 -0300 Message-ID: To: pmg-devel@lists.proxmox.com Content-Type: multipart/alternative; boundary="000000000000ddd51905d1142cc3" X-SPAM-LEVEL: Spam detection results: 0 BAYES_00 -1.9 Bayes spam probability is 0 to 1% DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's domain DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from domain FREEMAIL_FROM 0.001 Sender email is commonly abused enduser mail provider HTML_MESSAGE 0.001 HTML included in message RCVD_IN_DNSWL_NONE -0.0001 Sender listed at https://www.dnswl.org/, no trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record X-Mailman-Approved-At: Mon, 22 Nov 2021 09:57:00 +0100 Subject: [pmg-devel] Proxmox Mail Gateway Parsing logs X-BeenThere: pmg-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Mail Gateway development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Nov 2021 18:18:24 -0000 --000000000000ddd51905d1142cc3 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hey guys! Does anyone have reference documentation of events generated by the Proxmox Mail Gateway? I looked in the documentation on the site, but I couldn't find it. Basically, I need the definition / specification of events and log fields to parse/format in a SIEM. Thank you for any help. M=C3=A1rio Reis --000000000000ddd51905d1142cc3 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hey guys!

Does anyone have reference documentation = of events generated by the Proxmox Mail Gateway? I looked in the documentat= ion on the site, but I couldn't find it. Basically, I need the definiti= on / specification of events and log fields to parse/format in a SIEM.
=
Thank you for any help.

M=C3=A1rio Reis
<= /div> --000000000000ddd51905d1142cc3--