email
The Email object describes the email metadata such as sender, recipients, and direction.
Attributes
| Caption | Name | Type | Description |
|---|---|---|---|
| Cc | cc |
Email Address[] |
Entity:EMAIL_ADDRESSThe machine-readable email header Cc values, as defined by RFC 5322. For example [email protected].
|
| Cc Mailboxes | cc_mailboxes |
String[] |
The human-readable email header Cc Mailbox values. For example 'Example User <[email protected]>'.
|
| Data Classification | data_classification |
Data Classification[] |
Group:contextThe Data Classification object includes information about data classification levels and data category types.
|
| Data Classification | data_classifications |
Data Classification[] |
Group:contextA list of Data Classification objects, that include information about data classification levels and data category types, indentified by a classifier. |
| Delivered To | delivered_to |
Email Address |
Entity:EMAIL_ADDRESSThe machine-readable Delivered-To email header field. For example [email protected]
|
| Delivered To | delivered_to_list |
Email Address[] |
Entity:EMAIL_ADDRESSThe machine-readable Delivered-To email header values. For example [email protected]
|
| Files | files |
File[] |
Entity:FILEThe files embedded or attached to the email. |
| From | from |
Email Address |
Entity:EMAIL_ADDRESSThe machine-readable email header From values, as defined by RFC 5322. For example [email protected]
|
| From Mailbox | from_mailbox |
String |
The human-readable email header From Mailbox value. For example 'Example User <[email protected]>'.
|
| HTTP Headers | http_headers |
HTTP Header[] | Additional HTTP headers of an HTTP request or response. |
| Message UID | message_uid |
String | The email header Message-ID value, as defined by RFC 5322. |
| Raw Data | raw_data |
JSON |
Group:contextThe event data as received from the event source. |
| Raw Header | raw_header |
String | The email authentication header. |
| Recipient Users | recipient_users |
User[] |
Entity:USERThe users receiving the email |
| Record ID | record_id |
String |
Group:primaryUnique identifier for the object |
| Reply To | reply_to |
Email Address |
Entity:EMAIL_ADDRESSThe machine-readable email header Reply-To values, as defined by RFC 5322. For example [email protected]
|
| Reply To Mailboxes | reply_to_mailboxes |
String[] |
The human-readable email header Reply To Mailbox values. For example 'Example User <[email protected]>'.
|
| Sender Users | sender_users |
User[] |
Entity:USERThe user who sent the email |
| Size | size |
Long | The size in bytes of the email, including attachments. |
| SMTP From | smtp_from |
Email Address |
Entity:EMAIL_ADDRESSThe value of the SMTP MAIL FROM command.
|
| SMTP To | smtp_to |
Email Address[] |
Entity:EMAIL_ADDRESSThe value of the SMTP envelope RCPT TO command.
|
| Subject | subject |
String | The email header Subject value, as defined by RFC 5322. |
| To | to |
Email Address[] |
Entity:EMAIL_ADDRESSThe machine-readable email header To values, as defined by RFC 5322. For example [email protected]
|
| To Mailboxes | to_mailboxes |
String[] |
The human-readable email header To Mailbox values. For example 'Example User <[email protected]>'.
|
| Email Thread UID | uid |
String | The unique identifier of the email thread. |
| Unmapped | unmapped |
Unmapped[] | Data from the source that was not mapped into the schema. |
| URLs | urls |
Uniform Resource Locator[] |
Entity:UNIFORM_RESOURCE_LOCATORThe URLs embedded in the email. |
| X-Originating-IP | x_originating_ip |
IP Address[] |
Entity:IP_ADDRESSThe X-Originating-IP header identifying the emails originating IP address(es). |
Relationships
Inbound Relationships
These objects and events reference Email in their attributes:
Outbound Relationships
Email references the following objects and events in its attributes:
This page describes ocsf-1.4.0
Updated 3 days ago