Starting from v5.0 release, two new fields — policy ID and domain — have been added to history logs.
The policy ID is in the format of x:y:z, where:
- x is the ID of the global access control policy.
- y is the ID of the IP-based policy.
- z is the ID of the recipient-based policy.
If the value of x, y, and z is 0, it means that no policy is matched.
If the matched recipient-based policy is incoming, the protected domain will be logged in the domain field.
If the matched recipient-based policy is outgoing, the domain field will be empty.