New-MgBetaSecurityThreatSubmissionEmailThreat
Create a new emailThreatSubmission object.
Syntax
New-MgBetaSecurityThreatSubmissionEmailThreat
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-AdminReview <IMicrosoftGraphSecuritySubmissionAdminReview>]
[-AttackSimulationInfo <IMicrosoftGraphSecurityAttackSimulationInfo>]
[-Category <String>]
[-ClientSource <String>]
[-ContentType <String>]
[-CreatedBy <IMicrosoftGraphSecuritySubmissionUserIdentity>]
[-CreatedDateTime <DateTime>]
[-Id <String>]
[-InternetMessageId <String>]
[-OriginalCategory <String>]
[-ReceivedDateTime <DateTime>]
[-RecipientEmailAddress <String>]
[-Result <IMicrosoftGraphSecuritySubmissionResult>]
[-Sender <String>]
[-SenderIP <String>]
[-Source <String>]
[-Status <String>]
[-Subject <String>]
[-TenantAllowOrBlockListAction <IMicrosoftGraphSecurityTenantAllowOrBlockListAction>]
[-TenantId <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-MgBetaSecurityThreatSubmissionEmailThreat
-BodyParameter <IMicrosoftGraphSecurityEmailThreatSubmission>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Create a new emailThreatSubmission object.
Permissions
| Permission type | Least privileged permissions | Higher privileged permissions |
|---|---|---|
| Delegated (work or school account) | ThreatSubmission.ReadWrite | ThreatSubmission.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. | Not supported. |
| Application | ThreatSubmission.ReadWrite.All | Not available. |
Examples
Example 1: Code snippet
Import-Module Microsoft.Graph.Beta.Security
$params = @{
"@odata.type" = "#microsoft.graph.security.emailUrlThreatSubmission"
category = "spam"
recipientEmailAddress = "tifc@contoso.com"
messageUrl = "https://graph.microsoft.com/beta/users/c52ce8db-3e4b-4181-93c4-7d6b6bffaf60/messages/AAMkADU3MWUxOTU0LWNlOTEt="
}
New-MgBetaSecurityThreatSubmissionEmailThreat -BodyParameter $paramsThis example shows how to use the New-MgBetaSecurityThreatSubmissionEmailThreat Cmdlet.
Parameters
-AdditionalProperties
Additional Parameters
| Type: | Hashtable |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AdminReview
submissionAdminReview To construct, see NOTES section for ADMINREVIEW properties and create a hash table.
| Type: | IMicrosoftGraphSecuritySubmissionAdminReview |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AttackSimulationInfo
attackSimulationInfo To construct, see NOTES section for ATTACKSIMULATIONINFO properties and create a hash table.
| Type: | IMicrosoftGraphSecurityAttackSimulationInfo |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-BodyParameter
emailThreatSubmission To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
| Type: | IMicrosoftGraphSecurityEmailThreatSubmission |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Category
submissionCategory
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ClientSource
submissionClientSource
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ContentType
submissionContentType
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CreatedBy
submissionUserIdentity To construct, see NOTES section for CREATEDBY properties and create a hash table.
| Type: | IMicrosoftGraphSecuritySubmissionUserIdentity |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CreatedDateTime
Specifies when the threat submission was created. Supports $filter = createdDateTime ge 2022-01-01T00:00:00Z and createdDateTime lt 2022-01-02T00:00:00Z.
| Type: | DateTime |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Headers
Optional headers that will be added to the request.
| Type: | IDictionary |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Id
The unique identifier for an entity. Read-only.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InternetMessageId
Specifies the internet message ID of the email being submitted. This information is present in the email header.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-OriginalCategory
submissionCategory
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ProgressAction
{{ Fill ProgressAction Description }}
| Type: | ActionPreference |
| Aliases: | proga |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ReceivedDateTime
Specifies the date and time stamp when the email was received.
| Type: | DateTime |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RecipientEmailAddress
Specifies the email address (in smtp format) of the recipient who received the email.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResponseHeadersVariable
Optional Response Headers Variable.
| Type: | String |
| Aliases: | RHV |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Result
submissionResult To construct, see NOTES section for RESULT properties and create a hash table.
| Type: | IMicrosoftGraphSecuritySubmissionResult |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Sender
Specifies the email address of the sender.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SenderIP
Specifies the IP address of the sender.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Source
submissionSource
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Status
longRunningOperationStatus
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Subject
Specifies the subject of the email.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TenantAllowOrBlockListAction
tenantAllowOrBlockListAction To construct, see NOTES section for TENANTALLOWORBLOCKLISTACTION properties and create a hash table.
| Type: | IMicrosoftGraphSecurityTenantAllowOrBlockListAction |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TenantId
Indicates the tenant id of the submitter. Not required when created using a POST operation. It's extracted from the token of the post API call.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphSecurityEmailThreatSubmission
System.Collections.IDictionary
Outputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphSecurityEmailThreatSubmission
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
ADMINREVIEW <IMicrosoftGraphSecuritySubmissionAdminReview>: submissionAdminReview
[(Any) <Object>]: This indicates any property can be added to this object.[ReviewBy <String>]: Specifies who reviewed the email. The identification is an email ID or other identity strings.[ReviewDateTime <DateTime?>]: Specifies the date time when the review occurred.[ReviewResult <String>]: submissionResultCategory
ATTACKSIMULATIONINFO <IMicrosoftGraphSecurityAttackSimulationInfo>: attackSimulationInfo
[(Any) <Object>]: This indicates any property can be added to this object.[AttackSimDateTime <DateTime?>]: The date and time of the attack simulation.[AttackSimDurationTime <TimeSpan?>]: The duration (in time) for the attack simulation.[AttackSimId <String>]: The activity ID for the attack simulation.[AttackSimUserId <String>]: The unique identifier for the user who got the attack simulation email.
BODYPARAMETER <IMicrosoftGraphSecurityEmailThreatSubmission>: emailThreatSubmission
[(Any) <Object>]: This indicates any property can be added to this object.[AdminReview <IMicrosoftGraphSecuritySubmissionAdminReview>]: submissionAdminReview[(Any) <Object>]: This indicates any property can be added to this object.[ReviewBy <String>]: Specifies who reviewed the email. The identification is an email ID or other identity strings.[ReviewDateTime <DateTime?>]: Specifies the date time when the review occurred.[ReviewResult <String>]: submissionResultCategory
[Category <String>]: submissionCategory[ClientSource <String>]: submissionClientSource[ContentType <String>]: submissionContentType[CreatedBy <IMicrosoftGraphSecuritySubmissionUserIdentity>]: submissionUserIdentity[(Any) <Object>]: This indicates any property can be added to this object.[DisplayName <String>]: The display name of the identity. For drive items, the display name might not always be available or up to date. For example, if a user changes their display name the API might show the new value in a future response, but the items associated with the user don't show up as changed when using delta.[Id <String>]: Unique identifier for the identity or actor. For example, in the access reviews decisions API, this property might record the id of the principal, that is, the group, user, or application that's subject to review.[Email <String>]: The email of user who is making the submission when logged in (delegated token case).
[CreatedDateTime <DateTime?>]: Specifies when the threat submission was created. Supports $filter = createdDateTime ge 2022-01-01T00:00:00Z and createdDateTime lt 2022-01-02T00:00:00Z.[Result <IMicrosoftGraphSecuritySubmissionResult>]: submissionResult[(Any) <Object>]: This indicates any property can be added to this object.[Category <String>]: submissionResultCategory[Detail <String>]: submissionResultDetail[DetectedFiles <IMicrosoftGraphSecuritySubmissionDetectedFile-[]>]: Specifies the files detected by Microsoft in the submitted emails.[FileHash <String>]: The file hash.[FileName <String>]: The file name.
[DetectedUrls <String-[]>]: Specifies the URLs detected by Microsoft in the submitted email.[UserMailboxSetting <String>]: userMailboxSetting
[Source <String>]: submissionSource[Status <String>]: longRunningOperationStatus[TenantId <String>]: Indicates the tenant id of the submitter. Not required when created using a POST operation. It's extracted from the token of the post API call.[Id <String>]: The unique identifier for an entity. Read-only.[AttackSimulationInfo <IMicrosoftGraphSecurityAttackSimulationInfo>]: attackSimulationInfo[(Any) <Object>]: This indicates any property can be added to this object.[AttackSimDateTime <DateTime?>]: The date and time of the attack simulation.[AttackSimDurationTime <TimeSpan?>]: The duration (in time) for the attack simulation.[AttackSimId <String>]: The activity ID for the attack simulation.[AttackSimUserId <String>]: The unique identifier for the user who got the attack simulation email.
[InternetMessageId <String>]: Specifies the internet message ID of the email being submitted. This information is present in the email header.[OriginalCategory <String>]: submissionCategory[ReceivedDateTime <DateTime?>]: Specifies the date and time stamp when the email was received.[RecipientEmailAddress <String>]: Specifies the email address (in smtp format) of the recipient who received the email.[Sender <String>]: Specifies the email address of the sender.[SenderIP <String>]: Specifies the IP address of the sender.[Subject <String>]: Specifies the subject of the email.[TenantAllowOrBlockListAction <IMicrosoftGraphSecurityTenantAllowOrBlockListAction>]: tenantAllowOrBlockListAction[(Any) <Object>]: This indicates any property can be added to this object.[Action <String>]: tenantAllowBlockListAction[ExpirationDateTime <DateTime?>]: Specifies when the tenant allow-block-list expires in date time.[Note <String>]: Specifies the note added to the tenant allow-or-block list entry in the format of string.[Results <IMicrosoftGraphSecurityTenantAllowBlockListEntryResult-[]>]: Contains the result of the submission that lead to the tenant allow-block-list entry creation.[EntryType <String>]: tenantAllowBlockListEntryType[ExpirationDateTime <DateTime?>]: Specifies the date and time when the entry expires.[Identity <String>]: Specifies the identity of the entry generated by the tenant allow block list system.[Status <String>]: longRunningOperationStatus[Value <String>]: Specifies the value of the created tenant allow block list entry.
CREATEDBY <IMicrosoftGraphSecuritySubmissionUserIdentity>: submissionUserIdentity
[(Any) <Object>]: This indicates any property can be added to this object.[DisplayName <String>]: The display name of the identity. For drive items, the display name might not always be available or up to date. For example, if a user changes their display name the API might show the new value in a future response, but the items associated with the user don't show up as changed when using delta.[Id <String>]: Unique identifier for the identity or actor. For example, in the access reviews decisions API, this property might record the id of the principal, that is, the group, user, or application that's subject to review.[Email <String>]: The email of user who is making the submission when logged in (delegated token case).
RESULT <IMicrosoftGraphSecuritySubmissionResult>: submissionResult
[(Any) <Object>]: This indicates any property can be added to this object.[Category <String>]: submissionResultCategory[Detail <String>]: submissionResultDetail[DetectedFiles <IMicrosoftGraphSecuritySubmissionDetectedFile-[]>]: Specifies the files detected by Microsoft in the submitted emails.[FileHash <String>]: The file hash.[FileName <String>]: The file name.
[DetectedUrls <String-[]>]: Specifies the URLs detected by Microsoft in the submitted email.[UserMailboxSetting <String>]: userMailboxSetting
TENANTALLOWORBLOCKLISTACTION <IMicrosoftGraphSecurityTenantAllowOrBlockListAction>: tenantAllowOrBlockListAction
[(Any) <Object>]: This indicates any property can be added to this object.[Action <String>]: tenantAllowBlockListAction[ExpirationDateTime <DateTime?>]: Specifies when the tenant allow-block-list expires in date time.[Note <String>]: Specifies the note added to the tenant allow-or-block list entry in the format of string.[Results <IMicrosoftGraphSecurityTenantAllowBlockListEntryResult-[]>]: Contains the result of the submission that lead to the tenant allow-block-list entry creation.[EntryType <String>]: tenantAllowBlockListEntryType[ExpirationDateTime <DateTime?>]: Specifies the date and time when the entry expires.[Identity <String>]: Specifies the identity of the entry generated by the tenant allow block list system.[Status <String>]: longRunningOperationStatus[Value <String>]: Specifies the value of the created tenant allow block list entry.