Code42 Suspicious Activity Review v2
Detects suspicious activities of a user and allows a recipient to assess the results. Afterward, the playbook takes action on the user such as adding them to legal hold.
Code42 · 9 tasks · 3 inputs · 0 outputs
Inputs
Username— The username of the employee.ReviewerEmail— The email recipient to review potential suspicious activity related to the user, such as the user's manager.LegalHoldMatterId— The legal hold matter ID to add the user to if selecting ADD-TO-LEGAL-HOLD in the Decide Remediation Action task.
Commands used
code42-file-events-search