{
  "pcap_cnt": 55,
  "src_port": 49815,
  "event_type": "smtp",
  "app_proto_tc": "failed",
  "input": {
    "type": "log"
  },
  "tenant": 3,
  "agent": {
    "type": "filebeat",
    "id": "9f305fa4-6db1-485c-81f9-598dce1469e3",
    "name": "mta-probe",
    "version": "7.17.10",
    "ephemeral_id": "b0104c46-cfdc-429d-8da2-19fe9b5658ab",
    "hostname": "mta-probe"
  },
  "flow_id": 378995006020317,
  "type": "json-log",
  "dest_ip": "173.254.28.237",
  "smtp": {
    "mail_from": "<oppong@expertsconsultgh.co>",
    "rcpt_to": [
      "<info@ledcenter.by>"
    ],
    "helo": "SANDERS-DESKTOP"
  },
  "@timestamp": "2023-09-25T23:11:30.259Z",
  "timestamp": "2023-09-26T01:11:30.259755+0200",
  "net_info": {
    "dest_agg": "internet",
    "src_agg": "private-class-a.internet",
    "src": [
      "Private class A",
      "Internet"
    ],
    "dest": [
      "Internet"
    ]
  },
  "dest_port": 587,
  "log": {
    "offset": 200248,
    "file": {
      "path": "/var/log/suricata/eve-0.json"
    }
  },
  "tags": [
    "beats_input_codec_json_applied"
  ],
  "see_name": "STS-500-QALAB-SSP",
  "logger": "logstash-manager",
  "host": "mta-probe",
  "app_proto": "smtp",
  "ether": {
    "dest_mac": "00:08:02:1c:47:ae",
    "src_mac": "20:e5:2a:b6:93:f1"
  },
  "proto": "TCP",
  "tx_id": 0,
  "@version": "1",
  "email": {
    "has_exe_url": false,
    "url": [
      "https://outlook.com/",
      "https://linkedin.com/",
      "https://facebook.com/",
      "https://amazon.com/"
    ],
    "to": [
      "info@ledcenter.by"
    ],
    "status": "PARSE_DONE",
    "has_ipv4_url": false,
    "has_ipv6_url": false,
    "from": "oppong@expertsconsultgh.co"
  },
  "see_id": "6c2b59a0d0f2",
  "src_ip": "10.10.25.101"
}