Inbound Domain Details Report
Administrators of an organization may often wish to know the domains from which most email messages were received, and the size of messages received from each domain. The Inbound Domain Details report helps administrators in this regard. With the help of this report, administrators can identify the individual domains from which the mails were received, the number of mails received from each individual domain and the total size of the mails. Using this report, administrators can rapidly figure out if mail correspondence by the users were from legitimate domains only or if the mail activity was suspect - i.e., were many mails received from domains that seem phony? Was the size of the mail received unusually large? This way, the report points to probable mail server abuse/hacking, based on which administrators can fine-tune firewall policies.
In order to generate the Inbound Domain Details report, do the following:
Select the Inbound Domain Details option from the Exchange Report node of the REPORTS BY FUNCTION tree.
Then, select a criterion for analysis from the Analyze by list box. Using this report, you can analyze the performance of one/more Exchange components, or those that are part of a service or a segment. The options provided by the Analyze by list box are discussed hereunder:
Component: Select this option to choose the component(s) from across all the components that are available in the IT environment. For instance, for a report on the domain of a Microsoft Exchange server in the environment, select Component from the Analyze by list, select Microsoft Exchange Online from the Component Type list, and then select the host listed in the Components list.
Service: Select this option if the components for which a report is to be generated are involved in the delivery of a business service. Then, select a Service.
Segment: Choose this option if the virtual hosts to be evaluated are part of a segment. Then, pick a Segment for analysis.
Then, specify the Timeline for the report. You can either provide a fixed time line such as 1 hour, 2 days, etc., or select the Any option from the list to provide a From and To date/time for report generation.
Note:
For every user registered with the eG Enterprise system, the administrator can indicate the maximum timeline for which that user can generate a report. Once the maximum timeline is set for a user, then, whenever that user logs into eG Reporter and attempts to generate a report, the Timeline list box in the report page will display options according to the maximum timeline setting of that user. For instance, if a user can generate a report for a maximum period of 3 days only, then 3 days will be the highest option displayed in the Timeline list - i.e., 3 days will be the last option in the fixed Timeline list. Similarly, if the user chooses the Any option from the Timeline list and proceeds to provide a start date and end date for report generation using the From and To specifications, eG Enterprise will first check if the user's Timeline specification confirms to his/her maximum timeline setting. If not, report generation will fail. For instance, for a user who is allowed to generate reports spanning over a maximum period of 3 days only, the difference between the From and To dates should never be over 3 days. If it is, then, upon clicking the Run Report button a message box will appear, prompting the user to change the From and To specification.
In addition to the settings discussed above, this report comes with a set of default specifications. These settings are hidden by default. If you do not want to disturb these default settings, then you can proceed to generate the report by clicking the Run Report button. However, if you want to view and then alter these settings (if required), click on the
icon. The default settings will then appear in the More Options drop down window. The steps below discuss each of these settings and how they can be customized.To view the Top-10 components, select Top-10 from the Show list. By default, the Top-<maximum number of active components for the test> will be the option chosen here - i.e., if this test takes a maximum of 5 components, then the Top-5 option will be selected here by default.
Note:
The options to be listed in the Show list can be configured in the eg_report.ini file in the <EG_INSTALL_DIR>\manager\config directory. To achieve this, set the ShowTop parameter in the [INFOS] section of this list to a specific numeric value. For example, if you set ShowTop to 10, then the Show list will display the following options: Top-10, Top-2, Top-5, Last-10, Last-2, and Last-5.
If the timeline specified for the report needs to exclude the data collected during the Weekends, then set Exclude weekends to Yes. If not, select No.
Edit the eg_report.ini file in the
\manager\config directory. In the [RUM_REPOTRS] section of the file, the EXCLUDE_WEEKEND parameter is set to Saturday, Sunday by default. You can modify this by setting the EXCLUDE_WEEKEND parameter to a comma-separated list of other days of the week - say Friday, Saturday.
Save the file after making the required changes.
Specify the start time and end time for report generation against the Time period field in the More Options drop down window.
In large environments, reports generated using months of data can take a long time to complete. Administrators now have the option of generating reports on-line or in the background. When a report is scheduled for background generation, administrators can proceed with their other monitoring, diagnosis, and reporting tasks, while the eG manager is processing the report. This saves the administrator valuable time. To schedule background processing of a report, select the Background Save - PDF option from the Report Generation list. In this case, a Report Name text box will appear, where you would have to provide the name with which the report is to be saved in the background. To process reports in the foreground, select the Foreground Generation - HTML option from this list.
Note
The Report Generation list will appear only if the EnableBackgroundReport flag in the [BACKGROUND_PROCESS] section of the eg_report.ini file (in the {EG_INSTALL_DIR}\manager\config directory) is set to Yes.
The default selection in the Report Generation list will change according to the Timeline specified for the report. If the Timeline set is greater than or equal to the number of days specified against the MinDurationForReport parameter in the [BACKGROUND_PROCESS] section of the eg_report.ini file, then the default selection in the Report Generation list will be Background Save - PDF. On the other hand, if the Timeline set for the report is lesser than the value of the MinDurationForReport parameter, then the default selection in the Report Generation list will be Foreground. This is because, the MinDurationForReport setting governs when reports are to be processed in the background. By default, this parameter is set to 2 weeks - this indicates that by default, reports with a timeline of 2 weeks and above will be processed in the background.
Finally, click the Run Report button to generate the report.
The report that appears, consists of three sections.
In the first section, the summary reveals the number domains from which the mails were received, total number of mails received from the domains and the size of the received mails.
The second section contains a pie chart that provides a bird's-eye view of the mails that were recieved from various domains. The slices of the pie chart and their respective colors represent the percentage of mails that were received from different domains.
The third section of Inbound Domain Details Report is a bar chart that depicts the top-10 domains from which maximum number of mails were received in the target environment. The length of a bar depends upon the number of mails received from a specific domain.
Note:
By default, the weekend constitutes Saturday and Sunday. To override this default setting, do the following: