Skip to main content

purview threatassessment add

Create a threat assessment

Usage

m365 purview threatassessment add [options]

Options

-t, --type <type>

The type of threat assessment to retrieve. Supports file and url.

-e, --expectedAssessment <expectedAssessment>

The expected assessment from submitter. Possible values are: block and unblock.

-c, --category <category>

The threat category. Possible values are: spam, phishing, malware.

-p, --path [path]

Local path to the file to upload. Can only be used for threat assessment with type file.

-u, --url [url]

The URL string. Can only be used for threat assessment with type url.

-h, --help [help]

Output usage information. Optionally, specify which section of command's help you want to see. Allowed values are options, examples, remarks, response, full. Default is options.

--query [query]

JMESPath query string. See http://jmespath.org/ for more information and examples.

-o, --output [output]

Output type. json, text, csv, md, none. Default json.

--verbose

Runs command with verbose logging.

--debug

Runs command with debug logging.

Remarks

info

This command currently only supports delegated permissions.

Examples

Create a file threat assessment

m365 purview threatassessment add --type file --expectedAssessment block --category malware --fileName 'test.txt' --path 'C:\Path\To\File.txt'

Create a url threat assessment

m365 purview threatassessment add --type url --expectedAssessment block --category phishing --url 'http://contoso.com'

Response

  {
    "id": "b0e69f1c-adda-4df2-2906-08dc2caa6b3f",
    "createdDateTime": "2024-02-13T15:42:43.5131654Z",
    "contentType": "file",
    "expectedAssessment": "block",
    "category": "malware",
    "status": "pending",
    "requestSource": "administrator",
    "fileName": "test.txt",
    "contentData": "dGVzdC50eHQ=",
    "createdBy": {
      "user": {
        "id": "fe36f75e-c103-410b-a18a-2bf6df06ac3a",
        "displayName": "John Doe"
      }
    }
  }
CTRL + M