-
Notifications
You must be signed in to change notification settings - Fork 28
/
test_spam.json
47 lines (47 loc) · 1.85 KB
/
test_spam.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
{
"input": {
"message": "{\"processingId\": \"processingId\", \"aggregateId\": \"aggregateId\", \"accountId\": \"C0A0\", \"timestamp\": 1731193597481, \"messageId\": \"<11111111111111111111111111111111111111@mail.gmail.com>\", \"senderEnvelope\": \"john.doe@example.org\", \"subject\": \"My little subject\", \"recipients\": \"jane.doe@example.com\", \"senderIp\": \"1.2.3.4\", \"senderDomain\": \"example.org\", \"route\": \"Inbound\", \"senderHeader\": \"john.doe@example.org\", \"type\": \"spam\", \"subtype\": null, \"_offset\": 1069434, \"_partition\": 66}"
},
"expected": {
"message": "{\"processingId\": \"processingId\", \"aggregateId\": \"aggregateId\", \"accountId\": \"C0A0\", \"timestamp\": 1731193597481, \"messageId\": \"<11111111111111111111111111111111111111@mail.gmail.com>\", \"senderEnvelope\": \"john.doe@example.org\", \"subject\": \"My little subject\", \"recipients\": \"jane.doe@example.com\", \"senderIp\": \"1.2.3.4\", \"senderDomain\": \"example.org\", \"route\": \"Inbound\", \"senderHeader\": \"john.doe@example.org\", \"type\": \"spam\", \"subtype\": null, \"_offset\": 1069434, \"_partition\": 66}",
"event": {
"category": [
"email"
],
"dataset": "spam",
"provider": "Mimecast",
"type": [
"info"
]
},
"@timestamp": "2024-11-09T23:06:37.481000Z",
"email": {
"from": {
"address": [
"john.doe@example.org"
]
},
"message_id": "11111111111111111111111111111111111111@mail.gmail.com",
"to": {
"address": [
"jane.doe@example.com"
]
}
},
"mimecast": {
"siem": {
"aggregate_id": "aggregateId",
"processing_id": "processingId"
}
},
"related": {
"ip": [
"1.2.3.4"
]
},
"source": {
"address": "1.2.3.4",
"ip": "1.2.3.4"
}
}
}