VMRay Email Attachment Analyis

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

Back to Content Index

Submits a attachment or set of attachment associated with an office 365 email to VMRay for Analyis.

Attribute Value
Type Playbook
Solution VMRay
Source View on GitHub

Logic App Connectors

This playbook uses 3 Logic App connectors / built-in actions:

Connector / Action Type Connections Actions
azuresentinel Managed 1 3
office365 Managed 1 1
function Built-in 0 4
Action parameters (URLs, paths, function IDs)

azuresentinel (Managed)

Action Method Endpoint Other
Create_incident put [concat('/Incidents/subscriptions/',variables('subscription'),'/resourceGroups/',variables('resourceGroupName'),'/workspaces/',parameters('WorkspaceName'))]
Add_comment_to_incident_(V3) post /Incidents/Comment
Threat_Intelligence_-Upload_Indicators_of_Compromise(V2)_(Preview) post [concat('/V2/ThreatIntelligence/',parameters('WorkspaceID'),'/UploadIndicators/')]

office365 (Managed)

Action Method Endpoint Other
Send_an_email_(V2) post /v2/Mail

function (Built-in)

Action Method Endpoint Other
VMRayUploadSample functionId=[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', variables('Functionappname'), '/functions/VMRayUploadSample')]
GetVMRaySubmission functionId=[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', variables('Functionappname'), '/functions/GetVMRaySubmission')]
GetVMRaySample functionId=[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', variables('Functionappname'), '/functions/GetVMRaySample')]
GetVMRayIOCs functionId=[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', variables('Functionappname'), '/functions/GetVMRayIOCs')]

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

Back to Playbooks · Back to VMRay