| DetectionMethods |
Methods used to detect malware, phishing, or other threats found in the email |
Object |
| DocumentID |
Unique identifier of the file |
String |
| FileCreationTime |
Timestamp of the file creation |
DateTime |
| FileName |
Name of the file that the recorded action was applied to |
String |
| FileOwnerDisplayName |
Account recorded as owner of the file |
String |
| FileOwnerUpn |
Account recorded as owner of the file |
String |
| FileSize |
Size of the file in bytes |
Int64 |
| FolderPath |
Folder containing the file that the recorded action was applied to |
String |
| LastModifiedTime |
Date and time the item or related metadata was last modified |
DateTime |
| LastModifyingAccountUpn |
Account that last modified this file |
String |
| ReportId |
Unique identifier for the event |
String |
| SHA256 |
SHA-256 of the file that the recorded action was applied to |
String |
| SourceSystem |
|
String |
| TenantId |
|
String |
| ThreatNames |
Detection name for malware or other threats found |
String |
| ThreatTypes |
Verdict from the email filtering stack on whether the email contains malware, phishing, or other threats |
String |
| TimeGenerated |
|
DateTime |
| Timestamp |
Date and time when the record was generated |
DateTime |
| Type |
|
String |
| Workload |
The Microsoft 365 service where the event occurred |
String |