File_sent_by_mail_put_on_quarantine_Office 365_Exchange

Alert

File sent by mail put on quarantine

SK4 unified event:
Connector/Service

Office 365/Exchange

SK4 Version:

2.3.105

Created Date:

Tue Jan 22 2019 07:39:53 GMT+0000 (Coordinated Universal Time)

Last Update:

Tue May 14 2019 07:04:19 GMT+0000 (Coordinated Universal Time)

Category

Security Alert

Description

A security alert has been detected. The resource has been quarantined.

Search query

cef_vendor="skyformation" cef_name="security-threat-detected" destinationServiceName="Office 365" sourceServiceName="Exchange" fileType="file" act="send-mail"

Parsed CEF
Unparsed raw data

Expand to see an example...

Audit sources