Document toolboxDocument toolbox

mail.knowbe4

Owned by Juan Tomás Alonso Nieto (Deactivated)
Last updated: Jun 27, 2024 by Borja Moro Moreno
1 min read
[ 1 Introduction ] [ 2 Valid tags and data tables ] [ 3 Table structure ]

Introduction

The tags beginning with mail.knowbe4 identify events generated by KnowBe4. 

Valid tags and data tables

The full tag must have 4 levels. The first two are fixed as mail.knowbe4. The third level identifies the type of events sent, and the fourth level indicates the event subtype. 

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

Product / Service

Tags

Data tables

KnowBe4

mail.knowbe4.phisher.webhooks

mail.knowbe4.phisher.webhooks

For more information, read more About Devo tags.

Table structure

These are the fields displayed in this table:

mail.knowbe4.phisher.webhooks

Field

Type

Extra fields

Field

Type

Extra fields

eventdate

timestamp

 

hostname

str

 

bad_attachments

str

 

headers

str

 

addresses__cc

str

 

addresses__reply_to

str

 

addresses__reported_by

str

 

addresses__from

str

 

addresses__to

str

 

attachments

str

 

avalaible_data_raw

str

 

phishml__confidence_spam

str

 

phishml__confidence_clean

str

 

phishml__category

str

 

phishml__confidence_threat

str

 

history

str

 

bad_links

str

 

tags

str

 

virustotal

str

 

html

str

 

links

str

 

text

str

 

hostchain

str

✓ 

tag

str

 ✓

rawMessage

str

 ✓

Â