Usage
m365 purview threatassessment add
Description
Create a threat assessment
Options
| Option |
Description |
-t, --type <type> |
The type of threat assessment to retrieve. Supports mail, file, emailFile and url. |
-e, --expectedAssessment <expectedAssessment> |
The expected assessment from submitter. Possible values are: block and unblock. |
-c, --category <category> |
The threat category. Possible values are: spam, phishing, malware. |
-r, --recipientEmail [recipientEmail] |
The mail recipient whose policies are used to assess the mail. Can only be used for threat assessment with type mail and emailFile. |
-p, --path [path] |
Local path to the file to upload. Can only be used for threat assessment with type file and emailFile. |
-u, --url [url] |
The URL string. Can only be used for threat assessment with type url. |
-m, --messageUri [messageUri] |
The resource URI of the mail message for assessment. Can only be used for threat assessment with type mail. |
Examples
Create a mail threat assessment
m365 purview threatassessment add --type mail --expectedAssessment block --recipientEmail "[email protected]" --category spam --messageUri "https://graph.microsoft.com/v1.0/users/c52ce8db-3e4b-4181-93c4-7d6b6bffaf60/messages/AAMkADU3MWUxOTU0LWNlOTEt="
Create a emailFile threat assessment
m365 purview threatassessment add --type emailFile --expectedAssessment block --category malware --recipientEmail "[email protected]" --contentData "UmVjZWl2ZWQ6IGZyb20gTVcyUFIwME1CMDMxNC5uYW1wcmQwMC"
Create a file threat assessment
m365 purview threatassessment add --type file --expectedAssessment block --category malware --fileName "test.txt" --contentData "VGhpcyBpcyBhIHRlc3QgZmlsZQ=="
Create a url threat assessment
m365 purview threatassessment add --type url --expectedAssessment block --category phishing --url "http://contoso.com"
Default properties
No response
Additional Info
API request: https://learn.microsoft.com/en-us/graph/api/informationprotection-post-threatassessmentrequests?view=graph-rest-1.0&tabs=http
Needed permissions
- ThreatAssessment.ReadWrite.All
Usage
m365 purview threatassessment add
Description
Create a threat assessment
Options
-t, --type <type>mail,file,emailFileandurl.-e, --expectedAssessment <expectedAssessment>blockandunblock.-c, --category <category>spam,phishing,malware.-r, --recipientEmail [recipientEmail]mailandemailFile.-p, --path [path]fileandemailFile.-u, --url [url]url.-m, --messageUri [messageUri]mail.Examples
Create a mail threat assessment
Create a emailFile threat assessment
Create a file threat assessment
Create a url threat assessment
m365 purview threatassessment add --type url --expectedAssessment block --category phishing --url "http://contoso.com"Default properties
No response
Additional Info
API request: https://learn.microsoft.com/en-us/graph/api/informationprotection-post-threatassessmentrequests?view=graph-rest-1.0&tabs=http
Needed permissions