xdm.email

Cortex Data Model Schema Guide

Product
Cortex XSIAM
Last date published
2024-11-27
Category
XSIAM Data Model Schema

Email fields.

xdm.email.recipients

Description

A list of the recipients' addresses.

Datatype

EmailAddress

Dataclass

Array

xdm.email.attachment

the email attachment

xdm.email.attachment.filename

Description

The file name of the email attachment.

Datatype

String

Dataclass

Scalar

xdm.email.attachment.path

Description

The file path of the email attachment.

Datatype

String

Dataclass

Scalar

xdm.email.attachment.directory

Description

The file directory of the email attachment.

Datatype

String

Dataclass

Scalar

xdm.email.attachment.extension

Description

The file extension of the email attachment.

Datatype

String

Dataclass

Scalar

xdm.email.attachment.file_type

Description

The file type of the email attachment.

Datatype

String

Dataclass

Scalar

xdm.email.attachment.md5

Description

The MD5 hash signature for the email attachment content.

Datatype

MD5

Dataclass

Scalar

xdm.email.attachment.sha256

Description

The SHA256 hash signature for the email attachment content.

Datatype

SHA256

Dataclass

Scalar

xdm.email.attachment.is_signed

Description

Whether the loaded module of the email attachment is signed.

Datatype

Boolean

Dataclass

Scalar

Examples

True

xdm.email.attachment.signer

Description

The signer of the email attachment.

Datatype

String

Dataclass

Scalar

Examples

Microsoft Corporation

xdm.email.attachment.signature_status

Description

The signature status of the email attachment.

Datatype

XDM_CONST.SIGNATURE_STATUS

Dataclass

Scalar

Examples

XDM_CONST.SIGNATURE_STATUS_UNSIGNED, XDM_CONST.SIGNATURE_STATUS_SIGNED_INVALID, XDM_CONST.SIGNATURE_STATUS_SIGNED_VERIFIED, XDM_CONST.SIGNATURE_STATUS_STATUS_UNKNOWN

xdm.email.attachment.size

Description

Size in bytes of the email attachment.

Datatype

Number

Dataclass

Scalar

xdm.email.subject

Description

The subject line of the email.

Datatype

String

Dataclass

Scalar

xdm.email.cc

Description

A list of 'cc' addresses.

Datatype

EmailAddress

Dataclass

Array

xdm.email.bcc

Description

A list of 'bcc' addresses.

Datatype

EmailAddress

Dataclass

Array

xdm.email.sender

Description

The sender address.

Datatype

EmailAddress

Dataclass

Scalar

xdm.email.data

Description

The actual message sent, encoded in UTF-8.

Datatype

String

Dataclass

Scalar

xdm.email.mime

Description

Information about how the message is to be displayed.

Datatype

String

Dataclass

Scalar

xdm.email.return_path

Description

The header that indicates where and how bounced emails will be processed.

Datatype

String

Dataclass

Scalar

xdm.email.message_id

Description

An identifier of the email, as generated by the sending mail system.

Datatype

String

Dataclass

Scalar

xdm.email.delivery_timestamp

Description

The time that the email was delivered.

Datatype

Timestamp

Dataclass

Scalar

xdm.email.origination_timestamp

Description

The time that the email was sent.

Datatype

Timestamp

Dataclass

Scalar