List Messages
Fetch a list of messages in the users organization and its child organizations.
External Documentation
To learn more, visit the Cisco Advanced Phishing Protection documentation.
Parameters
| Parameter | Description |
|---|---|
| Advanced Search | Search using the advanced search syntax. |
| End Date | The latest date time a search should target. Current date as default. |
| Limit | The amount of records to be returned. |
| Offset | The offset of the returned records. |
| Start Date | The earliest date time a search should target. Current date as default. |
Example Output
[
{
"authenticity": 0,
"date": "2024-01-29T20:55:39.492Z",
"domain_reputation": 0,
"from": "user@example.com",
"from_domain": "example.com",
"id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"mail_from": "user@example.com",
"message_id": "string",
"message_trust_score": 0,
"reply_to": "user@example.com",
"sbrs": "string",
"uris": [
"string"
],
"subject": "string",
"timestamp_ms": 0,
"to": "string",
"attachment_extensions": [
"string"
],
"attachment_filenames": [
"string"
],
"attachment_sha256": [
"string"
],
"attachment_types": [
"string"
],
"attack_types": [
"string"
],
"dkim_result": "string",
"dmarc_result": "string",
"domain_dmarc_policy": "string",
"domain_tags": [
"string"
],
"enforcement_action": "string",
"enforcement_folder": "string",
"enforcement_result": "string",
"expanded_from": "user@example.com",
"forwarded_from": "user@example.com",
"has_attachment": true,
"has_malicious_attachment": true,
"ip": "string",
"message_details_link": "string",
"org_domain": "example.com",
"policy_ids": [
0
],
"ptr_name": "string",
"message_read_status": true,
"sender_approval_state": "string",
"sender_type": "string",
"spf_result": "string"
}
]
Workflow Library Example
List Messages with Cisco Advanced Phishing Protection and Send Results Via Email
Preview this Workflow on desktop