You arent going to be able to grab those from the message logs
If you were in Exchange Online, you could see what rules were triggered for a message in message tracking, but that funcationality doesnt exist on-prem
(Even though in on-prem EAC the option is there, that option on-prem is for incident report generation and that gets stamped in the message tracking logs. )
Hi @NASH Martyn
So far I have not managed to work out how to do this, i appreciate the guidance to say you can't customize the tracking logs, but my issue still remains. Currently looking at the possibility of using a third party add-on Trustwave for Exchange, which has far more capabilities to interrogate message content on the fly and produce detailed logs.
Thats probably a reasonable way to go. Nothing native in Exchange on-prem can really be leveraged here to do this other than some really clunky solution.
Sign in to comment