Email Log Database

The Email Log Database includes one catalog database and (initially) a standard logging partition.

  • The catalog database provides a single connection point for the various components that need to access the Log Database: Log Server, the Forcepoint Email Security quarantine service, and the Email Security module of the Forcepoint Security Manager (presentation reports, dashboard, log database configuration page). It also includes definitions for the following:
    • Forcepoint Email Security actions
    • Mail direction
    • Message type
    • DLP severity level
    • Email appliance mapping
    • Email policies
    • Rules
    • Viruses
    • DLP policy names
    • IP addresses
    • Email addresses
    • Domains
    • Database jobs

    The catalog database also maintains a list of all the database partitions.

  • Database partitions store the individual log records, including the connection log, message log, policy log, delivery log, status log, and hybrid service status log. New partitions are created based on size (5 GB by default) or date interval.