修正是指针对威胁采取规定的操作。 此 API 可以触发电子邮件清除操作,例如移动到垃圾邮件、移动到已删除的项目、软删除、硬删除或移动到收件箱。 此 API 支持方案和用例,例如 SOAR 集成、playbook 和自动化。 有关详细信息 ,请阅读电子邮件修正、触发操作和跟踪操作。 如果出现误报,管理员可以采取移动到收件箱操作。
POST https://graph.microsoft.com/beta/security/collaboration/analyzedEmails/remediate
Content-Type: application/json
{
"displayName": "Clean up Phish email",
"description": "Delete email",
"severity": "medium",
"action": "softDelete",
"remediateSendersCopy": "false",
"analyzedEmails": [
{
"networkMessageId": "73ca4154-58d8-43d0-a890-08dc18c52e6d",
"recipientEmailAddress": "hannah.jarvis@contoso.com"
},
{
"networkMessageId": "73ca4154-58d8-43d0-a890-08dc18c52e6d",
"recipientEmailAddress": "preston.morales@contoso.com"
}
]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Security.Collaboration.AnalyzedEmails.MicrosoftGraphSecurityRemediate;
using Microsoft.Graph.Beta.Models.Security;
var requestBody = new RemediatePostRequestBody
{
DisplayName = "Clean up Phish email",
Description = "Delete email",
Severity = RemediationSeverity.Medium,
Action = RemediationAction.SoftDelete,
RemediateSendersCopy = false,
AnalyzedEmails = new List<AnalyzedEmail>
{
new AnalyzedEmail
{
NetworkMessageId = "73ca4154-58d8-43d0-a890-08dc18c52e6d",
RecipientEmailAddress = "hannah.jarvis@contoso.com",
},
new AnalyzedEmail
{
NetworkMessageId = "73ca4154-58d8-43d0-a890-08dc18c52e6d",
RecipientEmailAddress = "preston.morales@contoso.com",
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
await graphClient.Security.Collaboration.AnalyzedEmails.MicrosoftGraphSecurityRemediate.PostAsync(requestBody);
mgc-beta security collaboration analyzed-emails microsoft-graph-security-remediate post --body '{\
"displayName": "Clean up Phish email",\
"description": "Delete email",\
"severity": "medium",\
"action": "softDelete",\
"remediateSendersCopy": "false",\
"analyzedEmails": [\
{\
"networkMessageId": "73ca4154-58d8-43d0-a890-08dc18c52e6d",\
"recipientEmailAddress": "hannah.jarvis@contoso.com"\
},\
{\
"networkMessageId": "73ca4154-58d8-43d0-a890-08dc18c52e6d",\
"recipientEmailAddress": "preston.morales@contoso.com"\
}\
]\
}\
'
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphsecurity "github.com/microsoftgraph/msgraph-beta-sdk-go/security"
graphmodelssecurity "github.com/microsoftgraph/msgraph-beta-sdk-go/models/security"
//other-imports
)
requestBody := graphsecurity.NewRemediatePostRequestBody()
displayName := "Clean up Phish email"
requestBody.SetDisplayName(&displayName)
description := "Delete email"
requestBody.SetDescription(&description)
severity := graphmodels.MEDIUM_REMEDIATIONSEVERITY
requestBody.SetSeverity(&severity)
action := graphmodels.SOFTDELETE_REMEDIATIONACTION
requestBody.SetAction(&action)
remediateSendersCopy := false
requestBody.SetRemediateSendersCopy(&remediateSendersCopy)
analyzedEmail := graphmodelssecurity.NewAnalyzedEmail()
networkMessageId := "73ca4154-58d8-43d0-a890-08dc18c52e6d"
analyzedEmail.SetNetworkMessageId(&networkMessageId)
recipientEmailAddress := "hannah.jarvis@contoso.com"
analyzedEmail.SetRecipientEmailAddress(&recipientEmailAddress)
analyzedEmail1 := graphmodelssecurity.NewAnalyzedEmail()
networkMessageId := "73ca4154-58d8-43d0-a890-08dc18c52e6d"
analyzedEmail1.SetNetworkMessageId(&networkMessageId)
recipientEmailAddress := "preston.morales@contoso.com"
analyzedEmail1.SetRecipientEmailAddress(&recipientEmailAddress)
analyzedEmails := []graphmodelssecurity.AnalyzedEmailable {
analyzedEmail,
analyzedEmail1,
}
requestBody.SetAnalyzedEmails(analyzedEmails)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
graphClient.Security().Collaboration().AnalyzedEmails().MicrosoftGraphSecurityRemediate().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
com.microsoft.graph.beta.security.collaboration.analyzedemails.microsoftgraphsecurityremediate.RemediatePostRequestBody remediatePostRequestBody = new com.microsoft.graph.beta.security.collaboration.analyzedemails.microsoftgraphsecurityremediate.RemediatePostRequestBody();
remediatePostRequestBody.setDisplayName("Clean up Phish email");
remediatePostRequestBody.setDescription("Delete email");
remediatePostRequestBody.setSeverity(com.microsoft.graph.beta.models.security.RemediationSeverity.Medium);
remediatePostRequestBody.setAction(com.microsoft.graph.beta.models.security.RemediationAction.SoftDelete);
remediatePostRequestBody.setRemediateSendersCopy(false);
LinkedList<com.microsoft.graph.beta.models.security.AnalyzedEmail> analyzedEmails = new LinkedList<com.microsoft.graph.beta.models.security.AnalyzedEmail>();
com.microsoft.graph.beta.models.security.AnalyzedEmail analyzedEmail = new com.microsoft.graph.beta.models.security.AnalyzedEmail();
analyzedEmail.setNetworkMessageId("73ca4154-58d8-43d0-a890-08dc18c52e6d");
analyzedEmail.setRecipientEmailAddress("hannah.jarvis@contoso.com");
analyzedEmails.add(analyzedEmail);
com.microsoft.graph.beta.models.security.AnalyzedEmail analyzedEmail1 = new com.microsoft.graph.beta.models.security.AnalyzedEmail();
analyzedEmail1.setNetworkMessageId("73ca4154-58d8-43d0-a890-08dc18c52e6d");
analyzedEmail1.setRecipientEmailAddress("preston.morales@contoso.com");
analyzedEmails.add(analyzedEmail1);
remediatePostRequestBody.setAnalyzedEmails(analyzedEmails);
graphClient.security().collaboration().analyzedEmails().microsoftGraphSecurityRemediate().post(remediatePostRequestBody);
const options = {
authProvider,
};
const client = Client.init(options);
const remediate = {
displayName: 'Clean up Phish email',
description: 'Delete email',
severity: 'medium',
action: 'softDelete',
remediateSendersCopy: 'false',
analyzedEmails: [
{
networkMessageId: '73ca4154-58d8-43d0-a890-08dc18c52e6d',
recipientEmailAddress: 'hannah.jarvis@contoso.com'
},
{
networkMessageId: '73ca4154-58d8-43d0-a890-08dc18c52e6d',
recipientEmailAddress: 'preston.morales@contoso.com'
}
]
};
await client.api('/security/collaboration/analyzedEmails/remediate')
.version('beta')
.post(remediate);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Security\Collaboration\AnalyzedEmails\MicrosoftGraphSecurityRemediate\RemediatePostRequestBody;
use Microsoft\Graph\Beta\Generated\Models\Security\RemediationSeverity;
use Microsoft\Graph\Beta\Generated\Models\Security\RemediationAction;
use Microsoft\Graph\Beta\Generated\Models\Security\AnalyzedEmail;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new RemediatePostRequestBody();
$requestBody->setDisplayName('Clean up Phish email');
$requestBody->setDescription('Delete email');
$requestBody->setSeverity(new RemediationSeverity('medium'));
$requestBody->setAction(new RemediationAction('softDelete'));
$requestBody->setRemediateSendersCopy(false);
$analyzedEmailsAnalyzedEmail1 = new AnalyzedEmail();
$analyzedEmailsAnalyzedEmail1->setNetworkMessageId('73ca4154-58d8-43d0-a890-08dc18c52e6d');
$analyzedEmailsAnalyzedEmail1->setRecipientEmailAddress('hannah.jarvis@contoso.com');
$analyzedEmailsArray []= $analyzedEmailsAnalyzedEmail1;
$analyzedEmailsAnalyzedEmail2 = new AnalyzedEmail();
$analyzedEmailsAnalyzedEmail2->setNetworkMessageId('73ca4154-58d8-43d0-a890-08dc18c52e6d');
$analyzedEmailsAnalyzedEmail2->setRecipientEmailAddress('preston.morales@contoso.com');
$analyzedEmailsArray []= $analyzedEmailsAnalyzedEmail2;
$requestBody->setAnalyzedEmails($analyzedEmailsArray);
$graphServiceClient->security()->collaboration()->analyzedEmails()->microsoftGraphSecurityRemediate()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Security
$params = @{
displayName = "Clean up Phish email"
description = "Delete email"
severity = "medium"
action = "softDelete"
remediateSendersCopy = "false"
analyzedEmails = @(
@{
networkMessageId = "73ca4154-58d8-43d0-a890-08dc18c52e6d"
recipientEmailAddress = "hannah.jarvis@contoso.com"
}
@{
networkMessageId = "73ca4154-58d8-43d0-a890-08dc18c52e6d"
recipientEmailAddress = "preston.morales@contoso.com"
}
)
}
Invoke-MgBetaRemediateSecurityCollaborationAnalyzedEmail -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.security.collaboration.analyzedemails.microsoft_graph_security_remediate.remediate_post_request_body import RemediatePostRequestBody
from msgraph_beta.generated.models.remediation_severity import RemediationSeverity
from msgraph_beta.generated.models.remediation_action import RemediationAction
from msgraph_beta.generated.models.security.analyzed_email import AnalyzedEmail
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = RemediatePostRequestBody(
display_name = "Clean up Phish email",
description = "Delete email",
severity = RemediationSeverity.Medium,
action = RemediationAction.SoftDelete,
remediate_senders_copy = False,
analyzed_emails = [
AnalyzedEmail(
network_message_id = "73ca4154-58d8-43d0-a890-08dc18c52e6d",
recipient_email_address = "hannah.jarvis@contoso.com",
),
AnalyzedEmail(
network_message_id = "73ca4154-58d8-43d0-a890-08dc18c52e6d",
recipient_email_address = "preston.morales@contoso.com",
),
],
)
await graph_client.security.collaboration.analyzed_emails.microsoft_graph_security_remediate.post(request_body)