@@ -235,7 +235,8 @@ def send_phishing_email(cls,
235235 alert_sender : Optional [str ] = None ,
236236 wait : bool = False ,
237237 timeout : Optional [int ] = None ,
238- email_path : Optional [str ] = None ):
238+ email_path : Optional [str ] = None ,
239+ additional_info : Optional [dict ] = None ):
239240 """
240241 Send an alert for further investigation using the Intezer Analyze API.
241242 Should pass either raw_email or email_path.
@@ -248,6 +249,7 @@ def send_phishing_email(cls,
248249 :param wait: Wait for the alert to finish processing before returning.
249250 :param timeout: The timeout for the wait operation.
250251 :param email_path: The path to the email file.
252+ :param additional_info: Additional information to send with the alert.
251253 :raises: :class:`requests.HTTPError` if the request failed for any reason.
252254 :return: The Alert instance, initialized with the alert id. when the `wait` parameter is set to True, the
253255 resulting alert object will be initialized with the alert triage data.
@@ -266,9 +268,10 @@ def send_phishing_email(cls,
266268 file_name = cls ._parse_alert_id_from_alert_stream (raw_email ),
267269 alert_source = 'phishing_emails' ,
268270 environment = environment ,
269- display_fields = ',' .join (['sender' , 'received' , 'subject' , 'message_id' , 'to' ]),
271+ display_fields = ',' .join (['received_by' , ' sender''received' , 'subject' , 'message_id' , 'to' ]),
270272 default_verdict = default_verdict ,
271- alert_sender = alert_sender
273+ alert_sender = alert_sender ,
274+ additional_info = json .dumps (additional_info ) if additional_info else None ,
272275 )
273276
274277 send_alert_params = {key : value for key , value in send_alert_params .items () if value is not None }
0 commit comments