Codes of settings from the Protection section in audit event records

If logging of audit events and modified settings is enabled in Event Log settings, when settings in the Settings → Protection section are edited, detailed information about the changes is recorded in an Audit Log event.

For each modified tab of the Protection section, a separate event is displayed in the Audit Log on the Audit tab.

The following table shows how the settings in the Protection section are coded in an Audit Log record.

Codes of settings from the Protection → Anti-Virus section in the audit event record

Setting in the Protection → Anti-Virus section	Code in the audit event record	Examples
Use Anti-Virus	`av_settings.enable_av_scan` Possible values: `true` if the toggle switch is On. `false` if the toggle switch is Off.	Settings modified: `av_settings.enable_av_scan[true][false]` `av_settings.scan_time_limit[150][180]` `av_settings.max_nesting_level[30][32]` `av_settings.use_analyzer[true][false]` `av_settings.heuristic_level[Light][Medium]` `av_settings.exclude_other_detect[true][false]`
Maximum scanning time (s)	`av_settings.scan_time_limit`
Maximum scanned level of archives	`av_settings.max_nesting_level`
Use heuristic analysis	`av_settings.use_analyzer` Possible values: `true` if the toggle switch is On. `false` if the toggle switch is Off.
Heuristic analysis level	`av_settings.heuristic_level` Possible values: `Light` if the Light level is selected. `Medium` if the Medium level is selected. `Deep` if the Deep level is selected.
Some legitimate applications	`av_settings.exclude_other_detect` Possible values: `true` if the toggle switch is On. `false` if the toggle switch is Off.

Codes of settings from the Protection → Link scanning section in the audit event record

Setting in the Protection → Link scanning section	Code in the audit event record	Examples
Scan links	`mlf_settings.enable_mlf_scan` Possible values: `true` if the toggle switch is On. `false` if the toggle switch is Off.	Settings modified: `mlf_settings.enable_mlf_scan[true][false]` `mlf_settings.scan_time_limit[20][30]` `mlf_settings.exclude_adware_detect[true][false]` `mlf_settings.exclude_other_detect[true][false]`
Maximum scanning time (s)	`mlf_settings.scan_time_limit`
Adware links	`mlf_settings.exclude_adware_detect` Possible values: `true` if the toggle switch is On. `false` if the toggle switch is Off.
Links related to some legitimate applications	mlf_settings.exclude_other_detect Possible values: `true` if the toggle switch is On. `false` if the toggle switch is Off.

Codes of settings from the Protection → Anti-Spam section in the audit event record

Setting in the Protection → Anti-Spam section	Code in the audit event record	Examples
Use Anti-Spam	`as_settings.enable_as_scan`	Settings modified: `as_settings.enable_as_scan[true][false]` `as_settings.scan_time_limit[20][30]` `as_settings.enable_reputation_` `filtering[true][false]` `as_settings.enable_bec[true][false]` `as_settings.bec_group_dn[group_name_1]` `[group_name_2]` `as_settings.use_ip_reputation[true][false]` `as_settings.use_enforced_antispam_` `updates_service[true][false]` `max_message_timeout[2000][3000]` `max_messages_count[0][1]` `max_size[1024][2048]`
Maximum scanning time (s)	`as_settings.scan_time_limit`
Use Moebius	`as_settings.use_enforced_antispam_` `updates_service`
Protection against AD spoofing	`as_settings.enable_bec`
Group LDAP: distinguishedName	`as_settings.bec_group_dn`
IP and domain reputation	`as_settings.use_ip_reputation`
Use Anti-Spam Quarantine	`as_settings.enable_reputation_filtering`
Maximum Quarantine duration (s)	`max_message_timeout`
Maximum number of messages	`max_messages_count`
Maximum Quarantine size (MB)	`max_size`

Codes of settings from the Protection → Anti-Phishing section in the audit event record

Setting in the Protection → Anti-Phishing section

Code in the audit event record

Examples

Use Anti-Phishing

ap_settings.enable_ap_scan

Possible values:

true if the toggle switch is On.
false if the toggle switch is Off.

Settings modified:

ap_settings.enable_ap_scan[true][false]

ap_settings.scan_time_limit[20][30]

Maximum scanning time (s)

ap_settings.scan_time_limit

Codes of settings from the Protection → Content Filtering section in the audit event record

Setting in the Protection → Content Filtering section	Code in the audit event record	Examples
Use Content Filtering	`cf_settings.enable_cf_scan` Possible values: `true` if the toggle switch is On. `false` if the toggle switch is Off.	Settings modified: `cf_settings.enable_cf_scan[true][false]` `cf_settings.scan_time_limit[20][30]` `cf_settings.max_nesting_level[30][32]`
Maximum scanning time (s)	`cf_settings.scan_time_limit`
Maximum scanned level of archives	`cf_settings.max_nesting_level`

Codes of settings from the Protection → External services section in the audit event record

Setting in the Protection → External services section	Code in the audit event record	Examples
KSN server timeout (s)	`external_services.ksn_timeout`	Settings modified: `external_services.ksn_timeout[5][10]` `external_services.use_dns[true][false]` `external_services.dns_timeout[5][10]` `external_services.use_spf[true][false]` `external_services.use_dkim[true][false]` `external_services.use_dmark[true][false]`
Allow connection to DNS server	`external_services.use_dns` Possible values: `true` if the toggle switch is On. `false` if the toggle switch is Off.
DNS server timeout (s)	`external_services.dns_timeout`
Use SPF	`external_services.use_spf` Possible values: `true` if the toggle switch is On. `false` if the toggle switch is Off.
Use DKIM	`external_services.use_dkim` Possible values: `true` if the toggle switch is On. `false` if the toggle switch is Off.
Use DMARC	`external_services.use_dmark` Possible values: `true` if the toggle switch is On. `false` if the toggle switch is Off.

Page top