Lists advanced threat alerts in summary format.

Basic Parameters

ParameterDescription
Email StatusThe status Email.
SizeNumber of alerts to include in response. Valid range is 1-200. Default is 20.

Advanced Parameters

ParameterDescription
Alert IDAlert ID as shown in Email Security Cloud Web Portal.
Alert TypesThe types of the alerts.
Last Modified OnThe last modification date of the alert.
Message IDEmail message ID.
Traffic TypeTraffic type defaults to inbound. To handle outbound traffic, set the to outbound.

Example Output

{
	"data": [
		{
			"attributes": {
				"meta": {
					"read": false,
					"last_modified_on": "2022-11-22T11:33:52.037",
					"legacy_id": 85534366,
					"acknowledged": false,
					"timestamps": {
						"db_insert_time": "2022-11-22T11:33:51.961608+00",
						"es_insert_time": "2022-11-22T11:33:52.037"
					},
					"last_malware": "yara|yara_simple_eg.yara|AsciiExample_1 and 1 more",
					"alert_type": "yara"
				},
				"ati": {},
				"alert": {
					"product": "ETP",
					"alert_type": [
						"at"
					],
					"malware_md5": "b2255f656c300f3e00e51b6d0e62a7bb",
					"timestamp": "2022-11-22T11:33:52.036",
					"sha256": "94e617d9cfb98fcc0abc4010e1e4f030cdd5c0820be31c06259081cf48695261"
				},
				"email": {
					"status": "quarantined",
					"source_ip": "96.47.26.93",
					"smtp": {
						"rcpt_to": "userc@musubi2.etp-testdomain5.com",
						"mail_from": "bounce-cn1-zh_cnn_i_news_ndban112220227630041-hee3d2699f7=2@newsletters.cnn.com"
					},
					"etp_message_id": "3yINFWA-1111152-7B1209271853BC7365d49e4a8",
					"headers": {
						"cc": "",
						"to": "userc@musubi2.etp-testdomain5.com",
						"from": "CNN's 5 Things<5things@newsletters.cnn.com>",
						"subject": "Test mail"
					},
					"attachment": "yara|yara_simple_eg.yara|AsciiExample_1 and 1 more",
					"timestamp": {
						"accepted": "2022-11-22T11:32:41"
					}
				}
			},
			"id": "3yINFWA-1111152-8784f526-be90-45ed-8867-ec1fcf066dd8",
			"links": {
				"detail": "/api/v1/alerts/3yINFWA-1111152-8784f526-be90-45ed-8867-ec1fcf066dd8"
			}
		}
	],
	"meta": {
		"total": 4465,
		"size": 1,
		"fromLastModifiedOn": {
			"start": "2022-11-22T11:33:52.037",
			"end": "2022-11-22T11:33:52.037"
		},
		"copyright": "Copyright 2022 FireEye Security Holdings US LLC"
	},
	"type": "alerts"
}

Workflow Library Example

List Alerts with Trellix Email Security and Send Results Via Email

Preview this Workflow on desktop