email
The Email object describes the email metadata such as sender, recipients, and direction.
Attributes
Caption | Name | Type | Description |
---|---|---|---|
Cc | cc |
Email Address[] |
Entity:EMAIL_ADDRESS The machine-readable email header Cc values, as defined by RFC 5322. For example [email protected] .
|
Cc Mailboxes | cc_mailboxes |
String[] |
The human-readable email header Cc Mailbox values. For example 'Example User <[email protected]>' .
|
Data Classification | data_classification |
Data Classification[] |
Group:context The Data Classification object includes information about data classification levels and data category types.
|
Data Classification | data_classifications |
Data Classification[] |
Group:context A list of Data Classification objects, that include information about data classification levels and data category types, indentified by a classifier. |
Delivered To | delivered_to |
Email Address |
Entity:EMAIL_ADDRESS The machine-readable Delivered-To email header field. For example [email protected]
|
Delivered To | delivered_to_list |
Email Address[] |
Entity:EMAIL_ADDRESS The machine-readable Delivered-To email header values. For example [email protected]
|
Files | files |
File[] |
Entity:FILE The files embedded or attached to the email. |
From | from |
Email Address |
Entity:EMAIL_ADDRESS The machine-readable email header From values, as defined by RFC 5322. For example [email protected]
|
From Mailbox | from_mailbox |
String |
The human-readable email header From Mailbox value. For example 'Example User <[email protected]>' .
|
HTTP Headers | http_headers |
HTTP Header[] | Additional HTTP headers of an HTTP request or response. |
Message UID | message_uid |
String | The email header Message-ID value, as defined by RFC 5322. |
Raw Data | raw_data |
JSON |
Group:context The event data as received from the event source. |
Raw Header | raw_header |
String | The email authentication header. |
Recipient Users | recipient_users |
User[] |
Entity:USER The users receiving the email |
Record ID | record_id |
String |
Group:primary Unique identifier for the object |
Reply To | reply_to |
Email Address |
Entity:EMAIL_ADDRESS The machine-readable email header Reply-To values, as defined by RFC 5322. For example [email protected]
|
Reply To Mailboxes | reply_to_mailboxes |
String[] |
The human-readable email header Reply To Mailbox values. For example 'Example User <[email protected]>' .
|
Sender Users | sender_users |
User[] |
Entity:USER The user who sent the email |
Size | size |
Long | The size in bytes of the email, including attachments. |
SMTP From | smtp_from |
Email Address |
Entity:EMAIL_ADDRESS The value of the SMTP MAIL FROM command.
|
SMTP To | smtp_to |
Email Address[] |
Entity:EMAIL_ADDRESS The value of the SMTP envelope RCPT TO command.
|
Subject | subject |
String | The email header Subject value, as defined by RFC 5322. |
To | to |
Email Address[] |
Entity:EMAIL_ADDRESS The machine-readable email header To values, as defined by RFC 5322. For example [email protected]
|
To Mailboxes | to_mailboxes |
String[] |
The human-readable email header To Mailbox values. For example 'Example User <[email protected]>' .
|
Email Thread UID | uid |
String | The unique identifier of the email thread. |
Unmapped | unmapped |
Unmapped[] | Data from the source that was not mapped into the schema. |
URLs | urls |
Uniform Resource Locator[] |
Entity:UNIFORM_RESOURCE_LOCATOR The URLs embedded in the email. |
X-Originating-IP | x_originating_ip |
IP Address[] |
Entity:IP_ADDRESS The X-Originating-IP header identifying the emails originating IP address(es). |
Relationships
Inbound Relationships
These objects and events reference Email in their attributes:
Outbound Relationships
Email references the following objects and events in its attributes:
This page describes ocsf-1.4.0
Updated 3 days ago