Triggers a workflow on every new event matching a given query.
Workflows based on this trigger will search for new events every 5 minutes.
Basic Parameters
| Parameter | Description |
|---|
| Description | The description of the event. |
| Event Types | The event types. |
| Scopes | The scopes for the request. |
Advanced Parameters
| Parameter | Description |
|---|
| Confidence Indicator | The confidence indicator of the event. |
| Event States | The event states. |
| Severities | The event severities. |
Sample Event
{
"eventId": "b6dzd2das24423213ffa3849ccf68f52",
"customerId": "myCompany",
"saas": "office365_emails",
"entityId": "321ee437asa6043d93c55e92h2f3z6c",
"state": "new",
"type": "phishing",
"confidenceIndicator": "malicious",
"eventCreated": "2024-05-07T00:54:23.671820+00:00",
"severity": "4",
"description": "Phishing attempt detected in an email from joeSmith@gmail.com",
"data": "#{"entityId": "321ee437asa6043d93c55e92h2f3z6c"}",
"additionalData": null,
"availableEventActions": null,
"actions": [],
"senderAddress": "jonDoe@gmail.com",
"entityLink": "https://portal.checkpoint.com/dashboard/email&collaboration/CG34?route=cHJvZFDSF3samZasdAEDF12DSAdsahaWxzX2VtYWlADA21ASDGMJNBdlMDk0ZmE2MDRjYmQ5M2M1NWU5YzkyMDZj"
}
