🚫 Mimecast Cloud Gateway MTA - DEPRECATED

Solution: MimecastSEG

🚫 Deprecated: This solution has been deprecated and replaced by a newer integration.

MimecastSEG Logo

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

Attribute	Value
Publisher	Mimecast
Support Tier	Partner
Support Link	https://mimecastsupport.zendesk.com/
Categories	domains
Version	3.0.2
Author	Mimecast - dlapi@mimecast.com
First Published	2022-02-24
Last Updated	2022-02-24
Solution Folder	MimecastSEG
Marketplace	Azure Marketplace · Popularity: 🟡 Low (44%)

The data connector for Mimecast Secure Email Gateway allows easy log collection from the Secure Email Gateway to surface email insight and user activity within Microsoft Sentinel. The data connector provides pre-created dashboards to allow analysts to view insight into email based threats, aid in incident correlation and reduce investigation response times coupled with custom alert capabilities. Mimecast products and features required: - Mimecast Secure Email Gateway - Mimecast Data Leak Prevention

Microsoft Sentinel Solutions provide a consolidated way to acquire Microsoft Sentinel content like data connectors, workbooks, analytics, and automations in your workspace with a single deployment step.

NOTE: This integration is considered deprecated and has been replaced by the unified Mimecast integration, which uses Mimecast's API 2.0 gateway. Please avoid using this version, and if already using it, migrate to the new integration. No further updates will be performed, and this version will be removed at a future date. For additional information, including the unified integration setup steps, go here.

Data Connectors
Tables Used
Content Items

Data Connectors

This solution provides 1 data connector(s):

Mimecast Secure Email Gateway 🔶

🔶 CLv1: This connector ingests into a table that uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g. _s, _d, _b, _t, _g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.

Tables Used

This solution uses 2 table(s):

Table	Used By Connectors	Used By Content
`MimecastDLP_CL` 🔶	Mimecast Secure Email Gateway	Analytics
`MimecastSIEM_CL` 🔶	Mimecast Secure Email Gateway	Analytics, Workbooks

🔶 CLv1: This table uses the legacy Custom Log V1 schema format with type-suffixed column names (e.g. _s, _d, _b, _t, _g). Note: identification is based on column name suffixes which are also permitted in CLv2, so this classification may not always be accurate.

Content Items

This solution includes 10 content item(s):

Content Type	Count
Analytic Rules	9
Workbooks	1

Analytic Rules

Name	Severity	Tactics	Tables Used
Mimecast Data Leak Prevention - Hold	Informational	Exfiltration	`MimecastDLP_CL`
Mimecast Data Leak Prevention - Notifications	High	Exfiltration	`MimecastDLP_CL`
Mimecast Secure Email Gateway - AV	Informational	Execution	`MimecastSIEM_CL`
Mimecast Secure Email Gateway - Attachment Protect	High	Collection, Exfiltration, Discovery, InitialAccess, Execution	`MimecastSIEM_CL`
Mimecast Secure Email Gateway - Impersonation Protect	High	Discovery, LateralMovement, Collection	`MimecastSIEM_CL`
Mimecast Secure Email Gateway - Internal Email Protect	High	LateralMovement, Persistence, Exfiltration	`MimecastSIEM_CL`
Mimecast Secure Email Gateway - Spam Event Thread	Low	Discovery	`MimecastSIEM_CL`
Mimecast Secure Email Gateway - URL Protect	High	InitialAccess, Discovery, Execution	`MimecastSIEM_CL`
Mimecast Secure Email Gateway - Virus	Informational	Execution	`MimecastSIEM_CL`

Workbooks

Name	Tables Used
MimecastSEGworkbook	`MimecastSIEM_CL`

Release Notes

Version	Date Modified (DD-MM-YYYY)	Change History
3.0.2	06-03-2025	Solution Deprecated
3.0.1	05-12-2023	Enhanced Dataconnector to use existing workspace and updated checkpoint mechanism
3.0.0	23-08-2023	Initial Solution Release