| ConfidenceLevel |
List of confidence levels for each threat type identified |
Object |
| DeliveryAction |
Delivery action of the message: Delivered, Blocked |
String |
| DeliveryLocation |
Location of the message at the time of delivery |
String |
| DetectionMethods |
Methods used to detect malware, phishing, or other threats found in the message |
Object |
| GroupId |
Identifier for the team or group that the message was sent to |
String |
| GroupName |
Name of the team or group that the message was sent to |
String |
| IsExternalThread |
Indicates if there are external recipients in the thread |
Boolean |
| IsOwnedThread |
Boolean value indicating whether the message is owned by your organization or not (only the messages owned by your organization are remediable) |
Boolean |
| LastEditedTime |
Date and time when the message was last edited |
DateTime |
| MessageId |
Identifier for the message |
String |
| MessageSubtype |
Subtype of message format, for exmaple, HTML |
String |
| MessageType |
Type of message format possible values: RichText, Text |
String |
| MessageVersion |
Version number of the message |
String |
| ParentMessageId |
Identifier for the message that the current message was a reply to, otherwise this is the same as the MessageId |
String |
| RecipientDetails |
Array of recipient data (RecipientSmtpAddress, RecipientDisplayName, RecipientType, RecipientObjectId) |
Object |
| ReportId |
Unique identifier for the event |
String |
| SafetyTip |
Indicates if a safe tip has been added on the message |
String |
| SenderDisplayName |
Name of the sender displayed in the address book, typically a combination of a first name, a middle initial, and a last name or surname |
String |
| SenderEmailAddress |
Email address of the sender |
String |
| SenderObjectId |
Unique identifier for the sender’s account in Microsoft Entra ID |
String |
| SenderType |
Type of user that sent the message, for example, User, Group, Anonymous |
String |
| SourceSystem |
|
String |
| Subject |
Subject of the message, if it exists |
String |
| TeamsMessageId |
Unique identifier for the message generated by Office 365 |
String |
| TenantId |
|
String |
| ThreadId |
Identifier of the channel or chat thread that the message is part of |
String |
| ThreadName |
Name of the channel or chat thread that the message is part of |
String |
| ThreadSubType |
Indicates the channel type, possible values: None, PrivateChannel |
String |
| ThreadType |
Type of the channel or chat thread that the message is part of |
String |
| ThreatTypes |
Verdict from the filtering stack on whether the message contains malware, phishing, or other threats |
String |
| TimeGenerated |
|
DateTime |
| Timestamp |
Date and time when the record was generated |
DateTime |
| Type |
|
String |