Accepts an internet message id, and asks Gmail for a list of mailboxes to search, and then searches each one to look for records that have a matching internet message id. It then produces a normalized output and summary table.
- Type: Investigation
- Product: Splunk SOAR
- Apps: G Suite for GMail
- Last Updated: 2023-05-12
- Author: Lou Stella, Splunk
- ID: 5299d6dd-e9c4-4afa-b051-928ace0ff816
How To Implement
This input playbook requires the G Suite for GMail connector to be configured. It is designed to work in environments that posess a maximum of 500 mailboxes at this time, due to a limitation in the G Suite for GMail connector.
|D3-IAA||Identifier Activity Analysis||Taking known malicious identifiers and determining if they are present in a system.||Identifier Analysis|
source | version: 1