Last updated: aug 6, 2024
Checks if an email address' domain is an internal domain. Return True if the email address is using an internal domain
|
Implementation |
System |
|
Command Category |
Cyber Utility |
|
Tags |
Condition Artifact Email |
Inputs
|
Parameter Name |
Required/Optional |
Description |
Sample Data |
|---|---|---|---|
|
Email Address |
Required |
Email address to check |
admin@d3security.com |
|
Domain |
Required |
Internal Domain for checking |
d3security.com |
Output
Remote Command API
The D3 command API allows you to send requests to D3 SOAR to execute this utility command via REST API.
Request
POST
{
"Username": <Username here>,
"Site": <Site here>,
"CommandParams": {
"Email Address": <Email Address here>,
"Domain": <Domain here>
}
}
Headers
Please refer to the page Webhook Configuration Guide - Authentication Method: API Keys for more details.
Request Body
https:/{base_url}/{api_namespace}/api/Command/IsEmailAddressInternal
Body Parameters
|
Parameter Name |
Type |
Required/Optional |
Description |
|---|---|---|---|
|
Username |
|
Required |
The username of your D3 SOAR account. |
|
Site |
|
Required |
The D3 SOAR site to run the remote command. |
|
Email Address |
|
Required |
Email address to check |
|
Domain |
|
Required |
Internal Domain for checking |
Sample Request
Sample Data
{
"Username": "Admin",
"Site": "Security Operations",
"CommandParams": {
"Email Address": "admin@d3security.com",
"Domain": "d3security.com\r\n"
}
}
Response
Response Fields
|
Field Name |
Type |
Description |
|---|---|---|
|
error |
|
The error message if the API request has failed. |
|
returnData |
|
The return data from the API request. |
Sample Response
{
"error": "",
"returnData": "true"
}