Search And Delete Emails - EWS
Microsoft Exchange On-Premise Pack.#
This Playbook is part of theSearches EWS to identify and delete emails with similar attributes of a malicious email.
#
DependenciesThis playbook uses the following sub-playbooks, integrations, and scripts.
#
Sub-playbooksThis playbook does not use any sub-playbooks.
#
Integrations- EWS v2
#
Scripts- BuildEWSQuery
#
Commands- ews-delete-items
- ews-search-mailboxes
#
Playbook InputsName | Description | Default Value | Source | Required |
---|---|---|---|---|
From | The value of the malicious email's "From" attribute. | emailfrom | incident | Required |
Subject | The value of the malicious email's "Subject" attribute. | emailsubject | incident | Optional |
AttachmentName | The value of the malicious email's AttachmentName attribute. | attachmentname | incident | Optional |
SearchThisWeek | Limit the search to the current week. Can be "true" or "false". | true | - | Required |
Limit | The maximum number of search results. | 20 | - | Required |
DeleteType | The deletion type. Can be, "trash", "soft", or "hard". | trash | - | Required |
#
Playbook OutputsThere are no outputs for this playbook.