Get Threat
Get details of a threat.
External Documentation
To learn more, visit the Abnormal documentation.
Parameters
Parameter | Description |
---|---|
Threat ID | The ID representing the threat. Can be retrieved from the 'List Threats' action. |
Example Output
{
"threatId": "184712ab-6d8b-47b3-89d3-a314efef79e2",
"messages": [
{
"threatId": "184712ab-6d8b-47b3-89d3-a314efef79e2",
"abxMessageId": 4551618356913732000,
"abxPortalUrl": "https://portal.abnormalsecurity.com/home/threat-center/remediation-history/4551618356913732076",
"subject": "Phishing Email",
"fromAddress": "support@secure-reply.org",
"fromName": "Support",
"senderDomain": "secure-reply.org",
"toAddresses": "example@example.com, another@example.com",
"recipientAddress": "example@example.com",
"receivedTime": "2020-06-09T17:42:59Z",
"sentTime": "2020-06-09T17:42:59Z",
"internetMessageId": "<5edfca1c.1c69fb81.4b055.8fd5@mx.google.com>",
"remediationStatus": "Auto Remediated",
"attackType": "Extortion",
"attackStrategy": "Name Impersonation",
"returnPath": "support@secure-reply.org",
"replyToEmails": [
"reply-to@example.com"
],
"ccEmails": [
"cc@example.com"
],
"senderIpAddress": "100.101.102.103",
"impersonatedParty": "None / Others",
"attackVector": "Text",
"attachmentNames": [
"attachment.pdf"
],
"attachmentCount": 0,
"urls": [
"https://www.google.com/"
],
"urlCount": 0,
"summaryInsights": [
"Bitcoin Topics",
"Personal Information Theft",
"Unusual Sender"
],
"remediationTimestamp": "2020-06-09T17:42:59Z",
"isRead": true,
"attackedParty": "VIP",
"autoRemediated": true,
"postRemediated": false
}
],
"pageNumber": 1,
"nextPageNumber": 2
}
Workflow Library Example
Get Threat with Abnormal and Send Results Via Email
Preview this Workflow on desktop