New-MgBetaSecurityThreatSubmissionEmailThreat

New-MgBetaSecurityThreatSubmissionEmailThreat
    [-ResponseHeadersVariable <string>]
    [-AdditionalProperties <hashtable>]
    [-AdminReview <IMicrosoftGraphSecuritySubmissionAdminReview>]
    [-AttackSimulationInfo <IMicrosoftGraphSecurityAttackSimulationInfo>]
    [-Category <string>]
    [-ClientSource <string>]
    [-ContentType <string>]
    [-CreatedBy <IMicrosoftGraphSecuritySubmissionUserIdentity>]
    [-CreatedDateTime <datetime>]
    [-Id <string>]
    [-InternetMessageId <string>]
    [-OriginalCategory <string>]
    [-ReceivedDateTime <datetime>]
    [-RecipientEmailAddress <string>]
    [-Result <IMicrosoftGraphSecuritySubmissionResult>]
    [-Sender <string>]
    [-SenderIP <string>]
    [-Source <string>]
    [-Status <string>]
    [-Subject <string>]
    [-TenantAllowOrBlockListAction <IMicrosoftGraphSecurityTenantAllowOrBlockListAction>]
    [-TenantId <string>]
    [-Break]
    [-Headers <IDictionary>]
    [-HttpPipelineAppend <SendAsyncStep[]>]
    [-HttpPipelinePrepend <SendAsyncStep[]>]
    [-Proxy <uri>]
    [-ProxyCredential <pscredential>]
    [-ProxyUseDefaultCredentials]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

New-MgBetaSecurityThreatSubmissionEmailThreat

    -BodyParameter <IMicrosoftGraphSecurityEmailThreatSubmission>
    [-ResponseHeadersVariable <string>]
    [-Break]
    [-Headers <IDictionary>]
    [-HttpPipelineAppend <SendAsyncStep[]>]
    [-HttpPipelinePrepend <SendAsyncStep[]>]
    [-Proxy <uri>]
    [-ProxyCredential <pscredential>]
    [-ProxyUseDefaultCredentials]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Create a new emailThreatSubmission object.

Permissions

Import-Module Microsoft.Graph.Beta.Security

$params = @{
	"@odata.type" = "#microsoft.graph.security.emailUrlThreatSubmission"
	category = "spam"
	recipientEmailAddress = "tifc@contoso.com"
	messageUrl = "https://graph.microsoft.com/beta/users/c52ce8db-3e4b-4181-93c4-7d6b6bffaf60/messages/AAMkADU3MWUxOTU0LWNlOTEt="
}

New-MgBetaSecurityThreatSubmissionEmailThreat -BodyParameter $params

This example shows how to use the New-MgBetaSecurityThreatSubmissionEmailThreat Cmdlet.

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

{{ Fill in the Description }}

{{ Fill in the Description }}

{{ Fill in the Description }}

COMPLEX PARAMETER PROPERTIES

To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.

ADMINREVIEW <IMicrosoftGraphSecuritySubmissionAdminReview>: submissionAdminReview [(Any) <Object>]: This indicates any property can be added to this object. [ReviewBy <String>]: Specifies who reviewed the email. The identification is an email ID or other identity strings. [ReviewDateTime <DateTime?>]: Specifies the date time when the review occurred. [ReviewResult <String>]: submissionResultCategory

ATTACKSIMULATIONINFO <IMicrosoftGraphSecurityAttackSimulationInfo>: attackSimulationInfo [(Any) <Object>]: This indicates any property can be added to this object. [AttackSimDateTime <DateTime?>]: The date and time of the attack simulation. [AttackSimDurationTime <TimeSpan?>]: The duration (in time) for the attack simulation. [AttackSimId <String>]: The activity ID for the attack simulation. [AttackSimUserId <String>]: The unique identifier for the user who got the attack simulation email.

BODYPARAMETER <IMicrosoftGraphSecurityEmailThreatSubmission>: emailThreatSubmission [(Any) <Object>]: This indicates any property can be added to this object. [AdminReview <IMicrosoftGraphSecuritySubmissionAdminReview>]: submissionAdminReview [(Any) <Object>]: This indicates any property can be added to this object. [ReviewBy <String>]: Specifies who reviewed the email. The identification is an email ID or other identity strings. [ReviewDateTime <DateTime?>]: Specifies the date time when the review occurred. [ReviewResult <String>]: submissionResultCategory [Category <String>]: submissionCategory [ClientSource <String>]: submissionClientSource [ContentType <String>]: submissionContentType [CreatedBy <IMicrosoftGraphSecuritySubmissionUserIdentity>]: submissionUserIdentity [(Any) <Object>]: This indicates any property can be added to this object. [DisplayName <String>]: The display name of the identity. For drive items, the display name might not always be available or up to date. For example, if a user changes their display name the API might show the new value in a future response, but the items associated with the user don't show up as changed when using delta. [Id <String>]: Unique identifier for the identity or actor. For example, in the access reviews decisions API, this property might record the id of the principal, that is, the group, user, or application that's subject to review. [Email <String>]: The email of user who is making the submission when logged in (delegated token case). [CreatedDateTime <DateTime?>]: Specifies when the threat submission was created. Supports $filter = createdDateTime ge 2022-01-01T00:00:00Z and createdDateTime lt 2022-01-02T00:00:00Z. [Result <IMicrosoftGraphSecuritySubmissionResult>]: submissionResult [(Any) <Object>]: This indicates any property can be added to this object. [Category <String>]: submissionResultCategory [Detail <String>]: submissionResultDetail [DetectedFiles <IMicrosoftGraphSecuritySubmissionDetectedFile[]>]: Specifies the files detected by Microsoft in the submitted emails. [FileHash <String>]: The file hash. [FileName <String>]: The file name. [DetectedUrls <String[]>]: Specifies the URLs detected by Microsoft in the submitted email. [UserMailboxSetting <String>]: userMailboxSetting [Source <String>]: submissionSource [Status <String>]: longRunningOperationStatus [TenantId <String>]: Indicates the tenant id of the submitter. Not required when created using a POST operation. It's extracted from the token of the post API call. [Id <String>]: The unique identifier for an entity. Read-only. [AttackSimulationInfo <IMicrosoftGraphSecurityAttackSimulationInfo>]: attackSimulationInfo [(Any) <Object>]: This indicates any property can be added to this object. [AttackSimDateTime <DateTime?>]: The date and time of the attack simulation. [AttackSimDurationTime <TimeSpan?>]: The duration (in time) for the attack simulation. [AttackSimId <String>]: The activity ID for the attack simulation. [AttackSimUserId <String>]: The unique identifier for the user who got the attack simulation email. [InternetMessageId <String>]: Specifies the internet message ID of the email being submitted. This information is present in the email header. [OriginalCategory <String>]: submissionCategory [ReceivedDateTime <DateTime?>]: Specifies the date and time stamp when the email was received. [RecipientEmailAddress <String>]: Specifies the email address (in smtp format) of the recipient who received the email. [Sender <String>]: Specifies the email address of the sender. [SenderIP <String>]: Specifies the IP address of the sender. [Subject <String>]: Specifies the subject of the email. [TenantAllowOrBlockListAction <IMicrosoftGraphSecurityTenantAllowOrBlockListAction>]: tenantAllowOrBlockListAction [(Any) <Object>]: This indicates any property can be added to this object. [Action <String>]: tenantAllowBlockListAction [ExpirationDateTime <DateTime?>]: Specifies when the tenant allow-block-list expires in date time. [Note <String>]: Specifies the note added to the tenant allow-or-block list entry in the format of string. [Results <IMicrosoftGraphSecurityTenantAllowBlockListEntryResult[]>]: Contains the result of the submission that lead to the tenant allow-block-list entry creation. [EntryType <String>]: tenantAllowBlockListEntryType [ExpirationDateTime <DateTime?>]: Specifies the date and time when the entry expires. [Identity <String>]: Specifies the identity of the entry generated by the tenant allow block list system. [Status <String>]: longRunningOperationStatus [Value <String>]: Specifies the value of the created tenant allow block list entry.

CREATEDBY <IMicrosoftGraphSecuritySubmissionUserIdentity>: submissionUserIdentity [(Any) <Object>]: This indicates any property can be added to this object. [DisplayName <String>]: The display name of the identity. For drive items, the display name might not always be available or up to date. For example, if a user changes their display name the API might show the new value in a future response, but the items associated with the user don't show up as changed when using delta. [Id <String>]: Unique identifier for the identity or actor. For example, in the access reviews decisions API, this property might record the id of the principal, that is, the group, user, or application that's subject to review. [Email <String>]: The email of user who is making the submission when logged in (delegated token case).

RESULT <IMicrosoftGraphSecuritySubmissionResult>: submissionResult [(Any) <Object>]: This indicates any property can be added to this object. [Category <String>]: submissionResultCategory [Detail <String>]: submissionResultDetail [DetectedFiles <IMicrosoftGraphSecuritySubmissionDetectedFile[]>]: Specifies the files detected by Microsoft in the submitted emails. [FileHash <String>]: The file hash. [FileName <String>]: The file name. [DetectedUrls <String[]>]: Specifies the URLs detected by Microsoft in the submitted email. [UserMailboxSetting <String>]: userMailboxSetting

TENANTALLOWORBLOCKLISTACTION <IMicrosoftGraphSecurityTenantAllowOrBlockListAction>: tenantAllowOrBlockListAction [(Any) <Object>]: This indicates any property can be added to this object. [Action <String>]: tenantAllowBlockListAction [ExpirationDateTime <DateTime?>]: Specifies when the tenant allow-block-list expires in date time. [Note <String>]: Specifies the note added to the tenant allow-or-block list entry in the format of string. [Results <IMicrosoftGraphSecurityTenantAllowBlockListEntryResult[]>]: Contains the result of the submission that lead to the tenant allow-block-list entry creation. [EntryType <String>]: tenantAllowBlockListEntryType [ExpirationDateTime <DateTime?>]: Specifies the date and time when the entry expires. [Identity <String>]: Specifies the identity of the entry generated by the tenant allow block list system. [Status <String>]: longRunningOperationStatus [Value <String>]: Specifies the value of the created tenant allow block list entry.