Azure-Sentinel/Sample Data/Custom/Armorblox_CL.json

[
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.898 AM",
"Computer": "",
"RawData": "",
"priority_s": "MEDIUM",
"tagged_b": "false",
"date_t": "2021-09-01T18:40:53.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"Social Engineering\"\r\n]",
"incident_type_s":"THREAT_INCIDENT_TYPE",
"title_s": "social_engineering 1 Sep 17:10:52",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "213",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "[\r\n \"sanitized@sanitized.com\"\r\n]",
"folder_categories_s": "[\r\n \"SPAM\"\r\n]",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.898 AM",
"Computer": "",
"RawData": "",
"priority_s": "MEDIUM",
"tagged_b": "false",
"date_t": "2021-09-01T18:38:39.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"Social Engineering\"\r\n]",
"incident_type_s":"THREAT_INCIDENT_TYPE",
"title_s": "social_engineering 1 Sep 17:10:31",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "218",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "[\r\n \"sanitized@sanitized.com\"\r\n]",
"folder_categories_s": "[\r\n \"SPAM\"\r\n]",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.898 AM",
"Computer": "",
"RawData": "",
"priority_s": "MEDIUM",
"tagged_b": "false",
"date_t": "2021-09-01T18:38:39.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"Social Engineering\"\r\n]",
"incident_type_s":"THREAT_INCIDENT_TYPE",
"title_s": "social_engineering 1 Sep 17:8:38",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "216",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "[\r\n \"sanitized@sanitized.com\"\r\n]",
"folder_categories_s": "[\r\n \"SPAM\"\r\n]",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.898 AM",
"Computer": "",
"RawData": "",
"priority_s": "MEDIUM",
"tagged_b": "false",
"date_t": "2021-09-01T18:36:19.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"Social Engineering\"\r\n]",
"incident_type_s":"THREAT_INCIDENT_TYPE",
"title_s": "social_engineering 1 Sep 17:6:19",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "214",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "[\r\n \"sanitized@sanitized.com\"\r\n]",
"folder_categories_s": "[\r\n \"SPAM\"\r\n]",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.898 AM",
"Computer": "",
"RawData": "",
"priority_s": "MEDIUM",
"tagged_b": "false",
"date_t": "2021-09-01T18:35:24.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"Social Engineering\"\r\n]",
"incident_type_s":"THREAT_INCIDENT_TYPE",
"title_s": "social_engineering 1 Sep 17:5:23",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "217",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "[\r\n \"sanitized@sanitized.com\"\r\n]",
"folder_categories_s": "[\r\n \"SPAM\"\r\n]",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.898 AM",
"Computer": "",
"RawData": "",
"priority_s": "HIGH",
"tagged_b": "false",
"date_t": "2021-09-01T15:15:57.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"Phish URL (Attachment)\"\r\n]",
"incident_type_s":"THREAT_INCIDENT_TYPE",
"title_s": "This is RANDOMTEXT test 2021-09-01 13:45",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "215",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "[\r\n \"sanitized@sanitized.com\"\r\n]",
"folder_categories_s": "[\r\n \"UNCATEGORIZED\"\r\n]",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "[\r\n \"url.txt\"\r\n]",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.898 AM",
"Computer": "",
"RawData": "",
"priority_s": "HIGH",
"tagged_b": "false",
"date_t": "2021-09-01T12:23:31.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"Phish URL (Attachment)\"\r\n]",
"incident_type_s":"DLP_INCIDENT_TYPE",
"title_s": "This is RANDOMTEXT test 2021-09-01 10:53",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "212",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "[\r\n \"sanitized@sanitized.com\"\r\n]",
"folder_categories_s": "[\r\n \"UNCATEGORIZED\"\r\n]",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "[\r\n \"url.txt\"\r\n]",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.898 AM",
"Computer": "",
"RawData": "",
"priority_s": "MEDIUM",
"tagged_b": "false",
"date_t": "2021-08-31T17:29:42.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"Extortion\"\r\n]",
"incident_type_s":"ABUSE_INCIDENT_TYPE",
"title_s": "This is EXTORTION test 2021-08-31 15:59",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "211",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "[\r\n \"sanitized@sanitized.com\"\r\n]",
"folder_categories_s": "[\r\n \"SPAM\"\r\n]",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.898 AM",
"Computer": "",
"RawData": "",
"priority_s": "MEDIUM",
"tagged_b": "false",
"date_t": "2021-08-31T17:23:10.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"Extortion\"\r\n]",
"incident_type_s":"ABUSE_INCIDENT_TYPE",
"title_s": "This is EXTORTION test 2021-08-31 15:53",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "209",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"sanitized\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "[\r\n \"sanitized@sanitized.com\"\r\n]",
"folder_categories_s": "[\r\n \"SPAM\"\r\n]",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.898 AM",
"Computer": "",
"RawData": "",
"priority_s": "MEDIUM",
"tagged_b": "false",
"date_t": "2021-08-31T17:05:10.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"Extortion\"\r\n]",
"incident_type_s":"ABUSE_INCIDENT_TYPE",
"title_s": "This is EXTORTION test 2021-08-31 15:35",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "210",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "[\r\n \"sanitized@sanitized.com\"\r\n]",
"folder_categories_s": "[\r\n \"SPAM\"\r\n]",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.903 AM",
"Computer": "",
"RawData": "",
"priority_s": "MEDIUM",
"tagged_b": "false",
"date_t": "2021-08-31T17:01:38.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"Extortion\"\r\n]",
"incident_type_s":"ABUSE_INCIDENT_TYPE",
"title_s": "This is EXTORTION test 2021-08-31 15:31",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "208",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "[\r\n \"sanitized@sanitized.com\"\r\n]",
"folder_categories_s": "[\r\n \"SPAM\"\r\n]",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.903 AM",
"Computer": "",
"RawData": "",
"priority_s": "MEDIUM",
"tagged_b": "false",
"date_t": "2021-08-31T16:21:07.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"Extortion\"\r\n]",
"incident_type_s":"ABUSE_INCIDENT_TYPE",
"title_s": "This is EXTORTION test 2021-08-31 14:51",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "207",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "[\r\n \"sanitized@sanitized.com\"\r\n]",
"folder_categories_s": "[\r\n \"SPAM\"\r\n]",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.903 AM",
"Computer": "",
"RawData": "",
"priority_s": "HIGH",
"tagged_b": "false",
"date_t": "2021-08-31T15:53:57.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"PII Tax Number\"\r\n]",
"incident_type_s":"DLP_INCIDENT_TYPE",
"title_s": "Tax Number Test 31 Aug 14:23:56",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "206",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"sanitized@sanitized.com\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "",
"folder_categories_s": "",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.903 AM",
"Computer": "",
"RawData": "",
"priority_s": "HIGH",
"tagged_b": "false",
"date_t": "2021-08-31T15:53:10.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"PCI IBAN\"\r\n]",
"incident_type_s":"DLP_INCIDENT_TYPE",
"title_s": "IBAN Test 31 Aug 14:23:10",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "203",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"sanitized@sanitized.com\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "",
"folder_categories_s": "",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.903 AM",
"Computer": "",
"RawData": "",
"priority_s": "HIGH",
"tagged_b": "false",
"date_t": "2021-08-31T15:52:43.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"PCI Bank Account Number\"\r\n]",
"incident_type_s":"DLP_INCIDENT_TYPE",
"title_s": "Bank Account Test 31 Aug 14:22:43",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "202",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"sanitized@sanitized.com\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "",
"folder_categories_s": "",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.903 AM",
"Computer": "",
"RawData": "",
"priority_s": "HIGH",
"tagged_b": "false",
"date_t": "2021-08-31T15:51:02.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"PCI Credit Card Number\"\r\n]",
"incident_type_s":"DLP_INCIDENT_TYPE",
"title_s": "CC Test 31 Aug 14:21:2",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "205",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"sanitized@sanitized.com\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "",
"folder_categories_s": "",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.903 AM",
"Computer": "",
"RawData": "",
"priority_s": "HIGH",
"tagged_b": "false",
"date_t": "2021-08-31T15:49:39.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"PCI Credit Card Number\"\r\n]",
"incident_type_s":"DLP_INCIDENT_TYPE",
"title_s": "CC Test 31 Aug 14:19:39",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "204",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"sanitized@sanitized.com\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "",
"folder_categories_s": "",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
},
{
"TenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"SourceSystem": "RestAPI",
"MG": "",
"ManagementGroupName": "",
"TimeGenerated [UTC]": "9/9/2021, 7:00:02.903 AM",
"Computer": "",
"RawData": "",
"priority_s": "HIGH",
"tagged_b": "false",
"date_t": "2021-08-31T15:48:37.000Z",
"users_s": "[\r\n {\r\n \"name\": \"Name\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"policy_names_s": "[\r\n \"PCI Credit Card Number\"\r\n]",
"incident_type_s":"DLP_INCIDENT_TYPE",
"title_s": "CC Test 31 Aug 14:18:36",
"remediation_actions_s": "[\r\n \"ALERT\"\r\n]",
"resolution_state_s": "OPEN_INCIDENT_RESOLUTION_STATE",
"object_type_s": "CONTENT_MAIL",
"id_s": "201",
"research_status_s": "TRUE_POSITIVE",
"app_name_s": "GOOGLE_GMAIL",
"external_users_s": "[\r\n {\r\n \"name\": \"sanitized@sanitized.com\",\r\n \"email\": \"sanitized@sanitized.com\",\r\n \"is_vip\": false\r\n }\r\n]",
"external_senders_s": "",
"folder_categories_s": "",
"status_counts_done_count_s": 1,
"status_counts_process_count_s": 0,
"status_counts_error_count_s": 0,
"attachment_list_s": "",
"Type": "Armorblox_CL",
"_ResourceId": ""
}
]