I'm facing some problems in order to work with the attachment of potential phishing cases. The phishing button that we have configured sends the original email as an attachment without format. Which is making XSOAR read it like that:
I've coded an automation that extracts everything needed from an email. In order to work I've tested that by uploading a .eml in the playground and running this automation with the entry ID generated.
The problem I have is that I'm not being able to get these attachment entryID in order to start the analysis, I've tried with the attachment..path but this is not working.
As the automation seems to find in different path.
Any ideas of how can I work with this file, should I change the path in the automation created?
Thanks in advance!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!