XDR - Analytics - Ingest Email Security Event
Details
This atomic belongs to the Cisco XDR: Analytics atomic group.
This atomic ingests email security events from custom sources. Each email security event is sent to XDR's data ingestion pipeline as a detection finding and then processed in the same way as other detection sources. The detection is considered for correlation with other detections and for generating XDR incidents.
Target: Custom Security Events Ingest APIs
Steps:
- Build the workflow ID header
- Build the payload
- Check if there were any errors:
  - If there were, end the workflow
- Ingest the email security event
- Check if the request was successful:
  - If it was, set the output variable
  - If it wasn't, output an error
About
Authorship
Cisco Managed