Cisco-IronPort
view release on metacpan or search on metacpan
This method may be useful if you wish to process the raw data from the
API call directly.
incoming_mail_summary_current_day_raw
Returns a scalar containing the incoming mail summary statistics for the
current day period unformated and as retrieved directly from the
reporting API.
This method may be useful if you wish to process the raw data from the
API call directly.
incoming_mail_summary_current_week_raw
Returns a scalar containing the incoming mail summary statistics for the
current week period unformated and as retrieved directly from the
reporting API.
incoming_mail_details_current_hour
# Print a list of sending domains which have sent more than 50 messages
# of which over 50% were detected as spam.
my %stats = $ironport->incoming_mail_details_current_hour;
foreach my $domain (keys %stats) {
if ( ( $stats{$domain}{total_attempted} > 50 ) and
( int (($stats{$domain}{spam_detected}/$stats{$domain}{total_attempted})*100) > 50 ) {
print "Domain $domain sent $stats{$domain}{total_attempted} messages, $stats{$domain}{spam_detected} were marked as spam.\n"
}
}
Returns a nested hash containing details of incoming mail statistics for
the current hour period. The hash has the following structure:
sending.domain1.com => {
begin_date => a human-readable timestamp at the beginning of the measurement interval (YYYY-MM-DD HH:MM TZ),
begin_timestamp => seconds since epoch at the beginning of the measurement interval (resolution of 100ms),
clean => total number of clean messages sent by this domain,
connections_accepted => total number of connections accepted from this domain,
end_date => a human-readable timestamp at the end of the measurement interval (YYYY-MM-DD HH:MM TZ),
end_timestamp => seconds since epoch at the end of the measurement interval (resolution of 100ms),
orig_value => the domain name originally establishing the connection prior to any relaying or masquerading,
sender_domain => the sending domain,
spam_detected => the number of messages marked as spam from this domain,
stopped_as_invalid_recipients => number of messages stopped from this domain due to invalid recipients,
stopped_by_content_filter => number of messages stopped from this domain due to content filtering,
stopped_by_recipient_throttling => number of messages stopped from this domain due to recipient throttling,
stopped_by_reputation_filtering => number of messages stopped from this domain due to reputation filtering,
total_attempted => total number of messages sent from this domain,
total_threat => total number of messages marked as threat messages from this domain,
virus_detected => total number of messages marked as virus positive from this domain
},
sending.domain2.com => {
...
},
...
sending.domainN.com => {
...
}
Where each domain having sent email in the current hour period is used
as the value of a hash key in the returned hash having the subkeys
listed above. For a busy device this hash may contain hundreds or
thousands of domains so caution should be excercised in storing and
parsing this structure.
incoming_mail_details_current_day
This method returns a nested hash as described in the
incoming_mail_details_current_hour method above but for a period of the
current day. Consequently the returned hash may contain a far larger
number of entries.
incoming_mail_details_current_week
This method returns a nested hash as described in the
incoming_mail_details_current_hour method above but for a period of the
current week. Consequently the returned hash may contain a far larger
number of entries.
incoming_mail_details_current_hour_raw
Returns a scalar containing the incoming mail details for the current
hour period as retrieved directly from the reporting API. This method is
useful is you wish to access and/or parse the results directly.
incoming_mail_details_current_day_raw
Returns a scalar containing the incoming mail details for the current
day period as retrieved directly from the reporting API. This method is
useful is you wish to access and/or parse the results directly.
incoming_mail_details_current_week_raw
Returns a scalar containing the incoming mail details for the current
week period as retrieved directly from the reporting API. This method is
useful is you wish to access and/or parse the results directly.
top_users_by_clean_outgoing_messages_current_hour
# Print a list of our top internal users and number of messages sent.
my %top_users = $ironport->top_users_by_clean_outgoing_messages_current_hour;
foreach my $user (sort keys %top_users) {
print "$user - $top_users{clean_messages} messages\n";
}
Returns a nested hash containing details of the top ten internal users
by number of clean outgoing messages sent for the current hour period.
The hash has the following structure:
'user1@domain.com' => {
begin_date => a human-readable timestamp of the begining of the current hour period ('YYYY-MM-DD HH:MM TZ'),
begin_timestamp => a timestamp of the beginning of the current hour period in seconds since epoch,
end_date => a human-readable timestamp of the end of the current hour period ('YYYY-MM-DD HH:MM TZ'),
end_timestamp => a timestamp of the end of the current hour period in seconds since epoch,
internal_user => the email address of the user (this may also be 'unknown user' if the address cannot be determined),
clean_messages => the number of clean messages sent by this user for the current hour period
},
'user2@domain.com' => {
...
},
...
user10@domain.com' => {
...
}
top_users_by_clean_outgoing_messages_current_day
( run in 1.393 second using v1.01-cache-2.11-cpan-97f6503c9c8 )