List Alerts

Lists advanced threat alerts in summary format.

Basic Parameters

Parameter	Description
Email Status	The status Email.
Size	Number of alerts to include in response. Valid range is 1-200. Default is 20.

Advanced Parameters

Parameter	Description
Alert ID	Alert ID as shown in Email Security Cloud Web Portal.
Alert Types	The types of the alerts.
Last Modified On	The last modification date of the alert.
Message ID	Email message ID.
Traffic Type	Traffic type defaults to inbound. To handle outbound traffic, set the to outbound.

Example Output

{
    "data": [
        {
            "attributes": {
                "meta": {
                    "read": false,
                    "last_modified_on": "2022-11-22T11:33:52.037",
                    "legacy_id": 85534366,
                    "acknowledged": false,
                    "timestamps": {
                        "db_insert_time": "2022-11-22T11:33:51.961608+00",
                        "es_insert_time": "2022-11-22T11:33:52.037"
                    },
                    "last_malware": "yara|yara_simple_eg.yara|AsciiExample_1 and 1 more",
                    "alert_type": "yara"
                },
                "ati": {},
                "alert": {
                    "product": "ETP",
                    "alert_type": [
                        "at"
                    ],
                    "malware_md5": "b2255f656c300f3e00e51b6d0e62a7bb",
                    "timestamp": "2022-11-22T11:33:52.036",
                    "sha256": "94e617d9cfb98fcc0abc4010e1e4f030cdd5c0820be31c06259081cf48695261"
                },
                "email": {
                    "status": "quarantined",
                    "source_ip": "96.47.26.93",
                    "smtp": {
                        "rcpt_to": "userc@musubi2.etp-testdomain5.com",
                        "mail_from": "bounce-cn1-zh_cnn_i_news_ndban112220227630041-hee3d2699f7=2@newsletters.cnn.com"
                    },
                    "etp_message_id": "3yINFWA-1111152-7B1209271853BC7365d49e4a8",
                    "headers": {
                        "cc": "",
                        "to": "userc@musubi2.etp-testdomain5.com",
                        "from": "CNN's 5 Things<5things@newsletters.cnn.com>",
                        "subject": "Test mail"
                    },
                    "attachment": "yara|yara_simple_eg.yara|AsciiExample_1 and 1 more",
                    "timestamp": {
                        "accepted": "2022-11-22T11:32:41"
                    }
                }
            },
            "id": "3yINFWA-1111152-8784f526-be90-45ed-8867-ec1fcf066dd8",
            "links": {
                "detail": "/api/v1/alerts/3yINFWA-1111152-8784f526-be90-45ed-8867-ec1fcf066dd8"
            }
        }
    ],
    "meta": {
        "total": 4465,
        "size": 1,
        "fromLastModifiedOn": {
            "start": "2022-11-22T11:33:52.037",
            "end": "2022-11-22T11:33:52.037"
        },
        "copyright": "Copyright 2022 FireEye Security Holdings US LLC"
    },
    "type": "alerts"
}

Workflow Library Example

List Alerts with Trellix Email Security and Send Results Via Email

Preview this Workflow on desktop