Dear all,
I am currently struggling on extracting field for Symantec Mail Security for SMTP.
The Sample Log looks like as follow (in single log entry):
20110329,7,1=1,11=<IP for Origin Mail Server>,21=<rcpt email address 1>\, <rcpt email address 1>\, <rcpt email address 1>\, <rcpt email address 1>\, <rcpt email address 1>,23=756702,52=M2011032900000716831,22=<Subject>,20=<sender email address 1>,120=36315,2=5
So it seems that in one log entry, recipient emails are consolidated. It is different with Barracuda and Exchange where it every mail transaction separated in one log entry. SO it is quite clear cut to do field extract.
Please advise how can I do the field extract based on this kind of log.
Thank you so much for all your help
Regards
marendra
... View more