
<form version="1.1">
<label>Analyze a User Mailbox - Microsoft Exchange</label>
<fieldset autoRun="true">
  <!--
    User picker. Sets the "username" token; both the displayed label and the
    submitted value come from the user_subject field of the
    userSubjectInformation lookup.
    The where clause keeps every row when info_max_time is not numeric
    (addinfo reports "+Infinity" for an all-time search), otherwise only rows
    whose "time" field lies inside the search window.
    Security note: the dropdown limits what the UI offers, but it does not
    validate the token. Form tokens can also be supplied through the dashboard
    URL, so every search that consumes the username token must quote and
    escape it itself.
  -->
  <input type="dropdown" token="username">
    <label>Username</label>
    <fieldForLabel>user_subject</fieldForLabel>
    <fieldForValue>user_subject</fieldForValue>
    <search>
      <query>| inputlookup userSubjectInformation | addinfo | where ((NOT isnum(info_max_time)) OR time &gt; info_min_time AND time &lt; info_max_time)| table user_subject</query>
      <earliest>$earliest$</earliest>
      <latest>$latest$</latest>
    </search>
  </input>
  <!--
    Time range picker with no token attribute; defaults to the last 7 days
    (snapped to the hour) up to now. Presumably this is what drives the
    earliest/latest tokens used by the dropdown search above and the time
    range of panels that declare none of their own. Confirm.
  -->
  <input type="time">
    <label></label>
    <default>
      <earliest>-7d@h</earliest>
      <latest>now</latest>
    </default>
  </input>
</fieldset>
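<row>
  <panel>
    <!--
      Recent Logins: client access events (eventtype client-*-usage) for the
      selected user, enriched with user-agent and IP geolocation lookups.
      No earliest/latest is set here, so the panel follows the dashboard time
      range.

      Changes from the previous revision:
      1. The username token is inserted with the |s token filter instead of
         hand-written quotes. |s wraps the value in quotes and escapes any
         quotes inside it, so a crafted token value (for example one supplied
         through the dashboard URL rather than the dropdown) cannot close the
         string and append its own SPL.
      2. The eval comparison now uses a quoted string literal. Unquoted,
         client-popimap-usage is parsed by eval as field arithmetic
         (client minus popimap minus usage), not as text, so the POP/IMAP
         branch could never match and cs_username was never rebuilt from
         Account_Domain and Account_Name.

      NOTE(review): no command visible here creates the IPAddress or Location
      fields (iplocation is given c_ip). Presumably they come from the
      normalize_user macro or the useragent lookup. Confirm, otherwise the
      "IP Address" and "Location" columns render empty.
    -->
    <table>
      <title>Recent Logins</title>
      <search>
        <query>
eventtype="client-*-usage"
| eval cs_username=if(eventtype=="client-popimap-usage", mvindex(Account_Domain,-1)."\\".mvindex(Account_Name,-1), cs_username)
| `normalize_user`
| search user_subject=$username|s$
| rex field=eventtype "client-(?&lt;AccessMethod&gt;[^-]+)-usage"
| lookup useragent cs_user_agent
| iplocation c_ip
| eval Time=strftime(_time,"%a %b %e %l:%M%p %Y")
| rename AccessMethod as "Access Method", IPAddress as "IP Address"
| rename browser as "Browser", browserversion as "Browser Version"
| rename os as "OS", osvariant as "OS Variant", osversion as "OS Version"
| table "Time", "IP Address", "Location", "Access Method", "Browser", "Browser Version", "OS", "OS Variant", "OS Version"
        </query>
      </search>
      <option name="count">10</option>
      <option name="rowNumbers">false</option>
      <option name="showPager">false</option>
    </table>
  </panel>
</row>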
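<row>
  <panel>
    <!--
      Mailbox Information: output of the msexchange-user-stats macro for the
      selected user, fixed to the last 24 hours regardless of the time picker.
      The username token is passed with the |s token filter (quote and escape)
      instead of hand-written quotes, so a token value containing a quote
      cannot break out of the macro argument.
      NOTE(review): the macro definition is not visible here. Confirm that it
      also quotes its argument where it places it into a search, otherwise
      escaping at this call site is not sufficient.
    -->
    <table>
      <title>Mailbox Information</title>
      <search>
        <query>
`msexchange-user-stats($username|s$)`
        </query>
        <earliest>-24h</earliest>
        <latest>now</latest>
      </search>
      <option name="count">10</option>
      <option name="rowNumbers">false</option>
      <option name="showPager">false</option>
    </table>
  </panel>
  <panel>
    <!--
      Mailbox Size over Time: area chart of the per-bucket maximum of total and
      deleted item sizes. Dividing by 1048576 (1024 * 1024) assumes the macro
      returns sizes in bytes. Confirm against the macro definition.
      No earliest/latest is set, so the panel follows the dashboard time range.
      The username token uses the |s filter for the same reason as the
      neighbouring panel; the same caveat about the macro body applies.
    -->
    <chart>
      <title>Mailbox Size over Time</title>
      <search>
        <query>
`mailbox-info-for-user($username|s$)`
| eval TotalItemMB=TotalItemSize/1048576
| eval DeletedItemMB=TotalDeletedItemSize/1048576
| timechart fixedrange=t max(TotalItemMB) as "Total Size", max(DeletedItemMB) as "Deleted Items Size"
        </query>
      </search>
      <option name="height">240</option>
      <option name="charting.axisTitleX.text">Time</option>
      <option name="charting.axisTitleY.text">MB</option>
      <option name="charting.chart">area</option>
      <option name="charting.legend.placement">bottom</option>
      <option name="charting.chart.nullValueMode">connect</option>
    </chart>
  </panel>
</row>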
</form>