G Suite for Gmail Search and Purge
Description
Accepts an Internet Message ID, searches for its presence in up to 500 mailboxes, and then deletes the ones it finds. GMail does not have a "soft-delete" option, so messages run through the Message Eviction playbook will be permanently deleted.
- Type: Response
- Product: Splunk SOAR
- Apps: G Suite for GMail
- Last Updated: 2024-02-19
- Author: Lou Stella, Splunk
- ID: 5294d3bd-e9c4-4bfa-b051-92cacd0ff925
- Use-cases:
  - Phishing
Associated Detections
How To Implement
This input playbook requires the G Suite for GMail connector to be configured. Due to a limitation in the G Suite for GMail connector, it is currently designed to work in environments that possess a maximum of 500 mailboxes.
D3FEND
ID | Technique | Definition | Category |
---|---|---|---|
D3-ER | Email Removal | The file removal technique deletes malicious artifacts or programs from a computer system. | File Eviction |
D3-IAA | Identifier Activity Analysis | Taking known malicious identifiers and determining if they are present in a system. | Identifier Analysis |
Reference
source | version: 1