djptek · October 18, 2022 08:47
diff --git a/box_alerts.ndjson b/box_alerts.ndjson
 POST /_bulk
 {"create":{"_index":"logs-box_events.events-default"}}
 {"agent":{"name":"docker-fleet-agent","id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","ephemeral_id":"02cda318-e8e4-4aab-9dbd-eda10d827a5b","type":"filebeat","version":"8.3.0"},"elastic_agent":{"id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","version":"8.3.0","snapshot":false},"host":{"hostname":"docker-fleet-agent","os":{"kernel":"5.10.104-linuxkit","codename":"focal","name":"Ubuntu","family":"debian","type":"linux","version":"20.04.4 LTS (Focal Fossa)","platform":"ubuntu"},"containerized":false,"ip":["172.30.0.7"],"name":"docker-fleet-agent","mac":["02:42:ac:1e:00:07"],"architecture":"x86_64"},"data_stream":{"namespace":"default","type":"logs","dataset":"box_events.events"},"message":"{\"source\":null,\"created_by\":{\"type\":\"user\",\"id\":\"2\",\"name\":\"Unknown User\",\"login\":\"\"},\"action_by\":null,\"created_at\":\"2022-10-20T11:38:56-08:00\",\"event_id\":\"97f1b31f-f143-4777-81f8-1b557b39ca33\",\"event_type\":\"SHIELD_ALERT\",\"ip_address\":\"10.1.2.3\",\"type\":\"event\",\"session_id\":null,\"additional_details\":{\"shield_alert\":{\"rule_category\":\"Anomalous Download\",\"rule_id\":123,\"rule_name\":\"Anomalous Download Rule\",\"risk_score\":77,\"alert_summary\":{\"description\":\"Significant increase in download content week over week, 9200% (25.04 MB) more than last week 12 additional files downloaded week over week)\",\"download_delta_size\":\"25 Mb\",\"download_delta_percent\":9200,\"historical_period\":{\"date_range\":{\"start_date\":\"2022-10-01T01:01:00-08:00\",\"end_date\":\"2022-10-08T01:01:00-08:00\"},\"download_size\":\"0 Mb\",\"downloaded_files_count\":1},\"anomaly_period\":{\"date_range\":{\"start_date\":\"2022-10-08T01:01:00-08:00\",\"end_date\":\"2022-10-15T01:01:00-08:00\"},\"download_size\":\"25 Mb\",\"downloaded_files_count\":13},\"download_ips\":[{\"ip\":\"1.128.0.0\"},{\"ip\":\"175.16.199.0\"}]},\"alert_id\":444,\"priority\":\"medium\",\"user\":{\"id\":567,\"name\":\"Some user\",\"email\":\"[email protected]\"},\"link\":\"https://cloud.app.box.com/master/shield/alerts/444\",\"created_at\":\"2022-10-20T11:38:16-08:00\"}}}}"}
 {"create":{"_index":"logs-box_events.events-default"}}
 {"agent":{"name":"docker-fleet-agent","id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","ephemeral_id":"02cda318-e8e4-4aab-9dbd-eda10d827a5b","type":"filebeat","version":"8.3.0"},"elastic_agent":{"id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","version":"8.3.0","snapshot":false},"host":{"hostname":"docker-fleet-agent","os":{"kernel":"5.10.104-linuxkit","codename":"focal","name":"Ubuntu","family":"debian","type":"linux","version":"20.04.4 LTS (Focal Fossa)","platform":"ubuntu"},"containerized":false,"ip":["172.30.0.7"],"name":"docker-fleet-agent","mac":["02:42:ac:1e:00:07"],"architecture":"x86_64"},"data_stream":{"namespace":"default","type":"logs","dataset":"box_events.events"},"message":"{\"source\":null,\"created_by\":{\"type\":\"user\",\"id\":\"2\",\"name\":\"Unknown User\",\"login\":\"\"},\"action_by\":null,\"created_at\":\"2022-10-20T11:38:56-08:01\",\"event_id\":\"97f1b31f-f143-4777-81f8-1b557b39ca34\",\"event_type\":\"SHIELD_ALERT\",\"ip_address\":\"10.1.2.3\",\"type\":\"event\",\"session_id\":null,\"additional_details\":{\"shield_alert\":{\"rule_category\":\"Malicious Content\",\"rule_id\":123,\"rule_name\":\"Viruses and stuff\",\"risk_score\":100,\"alert_summary\":{\"upload_activity\":{\"occurred_at\":\"2022-10-20T11:37:05-08:10\",\"event_type\":\"Upload\",\"item_name\":\"virus.exe\",\"item_type\":\"file\",\"item_id\":\"127\",\"item_path\":\"ABC/DEF\",\"sha1_hash\":\"\",\"ip_info\":{\"ip\":\"67.43.156.0\",\"latitude\":\"37.5555\",\"longitude\":\"-120.6789\",\"registrant\":\"Microsoft Corporation\",\"country_code\":\"US\",\"city_name\":\"San Jose\",\"region_name\":\"California\"},\"service_name\":\"Service name\"}},\"malware_info\":{\"file_id\":127,\"file_name\":\"malware.exe\",\"file_version\":4239023,\"file_created\":\"2022-10-20T11:37:05-08:01\",\"file_created_by\":{\"id\":1010,\"name\":\"Bob\",\"email\":\"[email protected]\"},\"file_hash\":\"d869db7fe62fb07c25a0403ecaea55031744b5fb\",\"file_hash_type\":\"SHA-1\",\"file_size_bytes\":51345,\"file_version_uploaded\":\"2022-10-20T11:37:05-08:01\",\"file_version_uploaded_by\":{\"id\":1011,\"name\":\"Jane\",\"email\":\"[email protected]\"},\"status\":\"Malicious\",\"categories\":[\"Adware\",\"SpyWare\"],\"tags\":[\"FILE_MALICIOUS_EXECUTION\",\"FILE_OTHER_TAG\"],\"description\":\"This is a really bad file\",\"detail_link\":\"https://some.link/xyz\",\"malware_name\":\"BadMalware\",\"first_seen\":\"2022-10-19T11:37:05-08:10\",\"last_seen\":\"2022-10-20T11:37:05-08:10\",\"family\":\"MalwareBot4000\"},\"alert_id\":2398,\"priority\":\"medium\",\"user\":{\"id\":2320,\"name\":\"Some Name\",\"email\":\"[email protected]\"},\"link\":\"https://app.box.com/master/shield/alerts/2398\",\"created_at\":\"2022-10-20T11:37:15-08:01\"}}}}"}
 {"create":{"_index":"logs-box_events.events-default"}}
 {"agent":{"name":"docker-fleet-agent","id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","ephemeral_id":"02cda318-e8e4-4aab-9dbd-eda10d827a5b","type":"filebeat","version":"8.3.0"},"elastic_agent":{"id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","version":"8.3.0","snapshot":false},"host":{"hostname":"docker-fleet-agent","os":{"kernel":"5.10.104-linuxkit","codename":"focal","name":"Ubuntu","family":"debian","type":"linux","version":"20.04.4 LTS (Focal Fossa)","platform":"ubuntu"},"containerized":false,"ip":["172.30.0.7"],"name":"docker-fleet-agent","mac":["02:42:ac:1e:00:07"],"architecture":"x86_64"},"data_stream":{"namespace":"default","type":"logs","dataset":"box_events.events"},"message":"{\"source\":null,\"created_by\":{\"type\":\"user\",\"id\":\"2\",\"name\":\"Unknown User\",\"login\":\"\"},\"action_by\":null,\"created_at\":\"2022-10-20T11:38:56-08:02\",\"event_id\":\"97f1b31f-f143-4777-81f8-1b557b39ca35\",\"event_type\":\"SHIELD_ALERT\",\"ip_address\":\"67.43.156.0\",\"type\":\"event\",\"session_id\":null,\"additional_details\":{\"shield_alert\":{\"rule_category\":\"Suspicious Locations\",\"rule_id\":123,\"rule_name\":\"Suspicious Location\",\"risk_score\":60,\"alert_summary\":{\"alert_activities\":[{\"occurred_at\":\"2022-10-20T11:37:05-08:02\",\"event_type\":\"Download\",\"item_name\":\"xyz.txt\",\"item_type\":\"file\",\"item_id\":\"127\",\"item_path\":\"ABC/DEF\",\"ip_info\":{\"ip\":\"81.2.69.144\",\"latitude\":\"37.5555\",\"longitude\":\"-120.6789\",\"registrant\":\"Microsoft Corporation\",\"country_code\":\"US\",\"city_name\":\"San Jose\",\"region_name\":\"California\"},\"service_name\":\"Box Excel Online Previewer\"}]},\"alert_id\":2398,\"priority\":\"medium\",\"user\":{\"id\":2320,\"name\":\"Some name\",\"email\":\"[email protected]\"},\"link\":\"https://app.box.com/master/shield/alerts/2398\",\"created_at\":\"2022-10-20T11:37:15-08:02\"}}}}"}
 {"create":{"_index":"logs-box_events.events-default"}}
 {"agent":{"name":"docker-fleet-agent","id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","ephemeral_id":"02cda318-e8e4-4aab-9dbd-eda10d827a5b","type":"filebeat","version":"8.3.0"},"elastic_agent":{"id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","version":"8.3.0","snapshot":false},"host":{"hostname":"docker-fleet-agent","os":{"kernel":"5.10.104-linuxkit","codename":"focal","name":"Ubuntu","family":"debian","type":"linux","version":"20.04.4 LTS (Focal Fossa)","platform":"ubuntu"},"containerized":false,"ip":["172.30.0.7"],"name":"docker-fleet-agent","mac":["02:42:ac:1e:00:07"],"architecture":"x86_64"},"data_stream":{"namespace":"default","type":"logs","dataset":"box_events.events"},"message":"{\"source\":null,\"created_by\":{\"type\":\"user\",\"id\":\"2\",\"name\":\"Unknown User\",\"login\":\"\"},\"action_by\":null,\"created_at\":\"2022-10-20T11:38:56-08:03\",\"event_id\":\"97f1b31f-f143-4777-81f8-1b557b39ca36\",\"event_type\":\"SHIELD_ALERT\",\"ip_address\":\"10.1.2.3\",\"type\":\"event\",\"session_id\":null,\"additional_details\":{\"shield_alert\":{\"rule_category\":\"Suspicious Sessions\",\"rule_id\":123,\"rule_name\":\"Suspicious Session\",\"risk_score\":77,\"alert_summary\":{\"description\":\"First time in prior month user connected from ip 81.2.69.142 First time user agent Some User Agent (Some UA 4.5.6) appeared for user within prior month Apparent distance 9580.0 km between events 59 seconds apart is faster than possible\",\"sessions\":[{\"session_type\":\"suspicious\",\"activities\":[{\"occurred_at\":\"2022-10-19T11:37:00-08:03\",\"event_type\":\"Set shared link expiration\",\"item_name\":\"xyz.txt\",\"item_type\":\"file\",\"item_id\":\"123456\",\"item_path\":\"ABC/DEF\",\"ip_info\":{\"ip\":\"81.2.69.142\",\"latitude\":\"37.5555\",\"longitude\":\"-120.6789\",\"registrant\":\"Microsoft Corporation\",\"country_code\":\"US\",\"city_name\":\"San Jose\",\"region_name\":\"California\"},\"service_name\":\"ServiceName\"}]},{\"session_type\":\"typical\",\"activities\":[{\"occurred_at\":\"2022-10-19T11:37:59-08:03\",\"event_type\":\"Item Modified\",\"item_name\":\"abc.boxnote\",\"item_type\":\"file\",\"item_id\":\"123123\",\"item_path\":\"folder/sub folder\",\"ip_info\":{\"ip\":\"81.2.69.144\",\"latitude\":\"37.5555\",\"longitude\":\"-20.6789\",\"country_code\":\"US\",\"city_name\":\"Some City\",\"region_name\":\"XYZ\"},\"service_name\":\"Box Notes\"}]}]},\"alert_id\":500,\"priority\":\"medium\",\"user\":{\"id\":50500,\"name\":\"A b c\",\"email\":\"[email protected]\"},\"link\":\"https://cloud.app.box.com/master/shield/alerts/500\",\"created_at\":\"2022-10-20T11:38:16-08:03\"}}}}"}
	POST /_bulk
	{"create":{"_index":"logs-box_events.events-default"}}
	{"agent":{"name":"docker-fleet-agent","id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","ephemeral_id":"02cda318-e8e4-4aab-9dbd-eda10d827a5b","type":"filebeat","version":"8.3.0"},"elastic_agent":{"id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","version":"8.3.0","snapshot":false},"host":{"hostname":"docker-fleet-agent","os":{"kernel":"5.10.104-linuxkit","codename":"focal","name":"Ubuntu","family":"debian","type":"linux","version":"20.04.4 LTS (Focal Fossa)","platform":"ubuntu"},"containerized":false,"ip":["172.30.0.7"],"name":"docker-fleet-agent","mac":["02:42:ac:1e:00:07"],"architecture":"x86_64"},"data_stream":{"namespace":"default","type":"logs","dataset":"box_events.events"},"message":"{\"source\":null,\"created_by\":{\"type\":\"user\",\"id\":\"2\",\"name\":\"Unknown User\",\"login\":\"\"},\"action_by\":null,\"created_at\":\"2022-10-20T11:38:56-08:00\",\"event_id\":\"97f1b31f-f143-4777-81f8-1b557b39ca33\",\"event_type\":\"SHIELD_ALERT\",\"ip_address\":\"10.1.2.3\",\"type\":\"event\",\"session_id\":null,\"additional_details\":{\"shield_alert\":{\"rule_category\":\"Anomalous Download\",\"rule_id\":123,\"rule_name\":\"Anomalous Download Rule\",\"risk_score\":77,\"alert_summary\":{\"description\":\"Significant increase in download content week over week, 9200% (25.04 MB) more than last week 12 additional files downloaded week over week)\",\"download_delta_size\":\"25 Mb\",\"download_delta_percent\":9200,\"historical_period\":{\"date_range\":{\"start_date\":\"2022-10-01T01:01:00-08:00\",\"end_date\":\"2022-10-08T01:01:00-08:00\"},\"download_size\":\"0 Mb\",\"downloaded_files_count\":1},\"anomaly_period\":{\"date_range\":{\"start_date\":\"2022-10-08T01:01:00-08:00\",\"end_date\":\"2022-10-15T01:01:00-08:00\"},\"download_size\":\"25 Mb\",\"downloaded_files_count\":13},\"download_ips\":[{\"ip\":\"1.128.0.0\"},{\"ip\":\"175.16.199.0\"}]},\"alert_id\":444,\"priority\":\"medium\",\"user\":{\"id\":567,\"name\":\"Some user\",\"email\":\"[email protected]\"},\"link\":\"https://cloud.app.box.com/master/shield/alerts/444\",\"created_at\":\"2022-10-20T11:38:16-08:00\"}}}}"}
	{"create":{"_index":"logs-box_events.events-default"}}
	{"agent":{"name":"docker-fleet-agent","id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","ephemeral_id":"02cda318-e8e4-4aab-9dbd-eda10d827a5b","type":"filebeat","version":"8.3.0"},"elastic_agent":{"id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","version":"8.3.0","snapshot":false},"host":{"hostname":"docker-fleet-agent","os":{"kernel":"5.10.104-linuxkit","codename":"focal","name":"Ubuntu","family":"debian","type":"linux","version":"20.04.4 LTS (Focal Fossa)","platform":"ubuntu"},"containerized":false,"ip":["172.30.0.7"],"name":"docker-fleet-agent","mac":["02:42:ac:1e:00:07"],"architecture":"x86_64"},"data_stream":{"namespace":"default","type":"logs","dataset":"box_events.events"},"message":"{\"source\":null,\"created_by\":{\"type\":\"user\",\"id\":\"2\",\"name\":\"Unknown User\",\"login\":\"\"},\"action_by\":null,\"created_at\":\"2022-10-20T11:38:56-08:01\",\"event_id\":\"97f1b31f-f143-4777-81f8-1b557b39ca34\",\"event_type\":\"SHIELD_ALERT\",\"ip_address\":\"10.1.2.3\",\"type\":\"event\",\"session_id\":null,\"additional_details\":{\"shield_alert\":{\"rule_category\":\"Malicious Content\",\"rule_id\":123,\"rule_name\":\"Viruses and stuff\",\"risk_score\":100,\"alert_summary\":{\"upload_activity\":{\"occurred_at\":\"2022-10-20T11:37:05-08:10\",\"event_type\":\"Upload\",\"item_name\":\"virus.exe\",\"item_type\":\"file\",\"item_id\":\"127\",\"item_path\":\"ABC/DEF\",\"sha1_hash\":\"\",\"ip_info\":{\"ip\":\"67.43.156.0\",\"latitude\":\"37.5555\",\"longitude\":\"-120.6789\",\"registrant\":\"Microsoft Corporation\",\"country_code\":\"US\",\"city_name\":\"San Jose\",\"region_name\":\"California\"},\"service_name\":\"Service name\"}},\"malware_info\":{\"file_id\":127,\"file_name\":\"malware.exe\",\"file_version\":4239023,\"file_created\":\"2022-10-20T11:37:05-08:01\",\"file_created_by\":{\"id\":1010,\"name\":\"Bob\",\"email\":\"[email protected]\"},\"file_hash\":\"d869db7fe62fb07c25a0403ecaea55031744b5fb\",\"file_hash_type\":\"SHA-1\",\"file_size_bytes\":51345,\"file_version_uploaded\":\"2022-10-20T11:37:05-08:01\",\"file_version_uploaded_by\":{\"id\":1011,\"name\":\"Jane\",\"email\":\"[email protected]\"},\"status\":\"Malicious\",\"categories\":[\"Adware\",\"SpyWare\"],\"tags\":[\"FILE_MALICIOUS_EXECUTION\",\"FILE_OTHER_TAG\"],\"description\":\"This is a really bad file\",\"detail_link\":\"https://some.link/xyz\",\"malware_name\":\"BadMalware\",\"first_seen\":\"2022-10-19T11:37:05-08:10\",\"last_seen\":\"2022-10-20T11:37:05-08:10\",\"family\":\"MalwareBot4000\"},\"alert_id\":2398,\"priority\":\"medium\",\"user\":{\"id\":2320,\"name\":\"Some Name\",\"email\":\"[email protected]\"},\"link\":\"https://app.box.com/master/shield/alerts/2398\",\"created_at\":\"2022-10-20T11:37:15-08:01\"}}}}"}
	{"create":{"_index":"logs-box_events.events-default"}}
	{"agent":{"name":"docker-fleet-agent","id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","ephemeral_id":"02cda318-e8e4-4aab-9dbd-eda10d827a5b","type":"filebeat","version":"8.3.0"},"elastic_agent":{"id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","version":"8.3.0","snapshot":false},"host":{"hostname":"docker-fleet-agent","os":{"kernel":"5.10.104-linuxkit","codename":"focal","name":"Ubuntu","family":"debian","type":"linux","version":"20.04.4 LTS (Focal Fossa)","platform":"ubuntu"},"containerized":false,"ip":["172.30.0.7"],"name":"docker-fleet-agent","mac":["02:42:ac:1e:00:07"],"architecture":"x86_64"},"data_stream":{"namespace":"default","type":"logs","dataset":"box_events.events"},"message":"{\"source\":null,\"created_by\":{\"type\":\"user\",\"id\":\"2\",\"name\":\"Unknown User\",\"login\":\"\"},\"action_by\":null,\"created_at\":\"2022-10-20T11:38:56-08:02\",\"event_id\":\"97f1b31f-f143-4777-81f8-1b557b39ca35\",\"event_type\":\"SHIELD_ALERT\",\"ip_address\":\"67.43.156.0\",\"type\":\"event\",\"session_id\":null,\"additional_details\":{\"shield_alert\":{\"rule_category\":\"Suspicious Locations\",\"rule_id\":123,\"rule_name\":\"Suspicious Location\",\"risk_score\":60,\"alert_summary\":{\"alert_activities\":[{\"occurred_at\":\"2022-10-20T11:37:05-08:02\",\"event_type\":\"Download\",\"item_name\":\"xyz.txt\",\"item_type\":\"file\",\"item_id\":\"127\",\"item_path\":\"ABC/DEF\",\"ip_info\":{\"ip\":\"81.2.69.144\",\"latitude\":\"37.5555\",\"longitude\":\"-120.6789\",\"registrant\":\"Microsoft Corporation\",\"country_code\":\"US\",\"city_name\":\"San Jose\",\"region_name\":\"California\"},\"service_name\":\"Box Excel Online Previewer\"}]},\"alert_id\":2398,\"priority\":\"medium\",\"user\":{\"id\":2320,\"name\":\"Some name\",\"email\":\"[email protected]\"},\"link\":\"https://app.box.com/master/shield/alerts/2398\",\"created_at\":\"2022-10-20T11:37:15-08:02\"}}}}"}
	{"create":{"_index":"logs-box_events.events-default"}}
	{"agent":{"name":"docker-fleet-agent","id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","ephemeral_id":"02cda318-e8e4-4aab-9dbd-eda10d827a5b","type":"filebeat","version":"8.3.0"},"elastic_agent":{"id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","version":"8.3.0","snapshot":false},"host":{"hostname":"docker-fleet-agent","os":{"kernel":"5.10.104-linuxkit","codename":"focal","name":"Ubuntu","family":"debian","type":"linux","version":"20.04.4 LTS (Focal Fossa)","platform":"ubuntu"},"containerized":false,"ip":["172.30.0.7"],"name":"docker-fleet-agent","mac":["02:42:ac:1e:00:07"],"architecture":"x86_64"},"data_stream":{"namespace":"default","type":"logs","dataset":"box_events.events"},"message":"{\"source\":null,\"created_by\":{\"type\":\"user\",\"id\":\"2\",\"name\":\"Unknown User\",\"login\":\"\"},\"action_by\":null,\"created_at\":\"2022-10-20T11:38:56-08:03\",\"event_id\":\"97f1b31f-f143-4777-81f8-1b557b39ca36\",\"event_type\":\"SHIELD_ALERT\",\"ip_address\":\"10.1.2.3\",\"type\":\"event\",\"session_id\":null,\"additional_details\":{\"shield_alert\":{\"rule_category\":\"Suspicious Sessions\",\"rule_id\":123,\"rule_name\":\"Suspicious Session\",\"risk_score\":77,\"alert_summary\":{\"description\":\"First time in prior month user connected from ip 81.2.69.142 First time user agent Some User Agent (Some UA 4.5.6) appeared for user within prior month Apparent distance 9580.0 km between events 59 seconds apart is faster than possible\",\"sessions\":[{\"session_type\":\"suspicious\",\"activities\":[{\"occurred_at\":\"2022-10-19T11:37:00-08:03\",\"event_type\":\"Set shared link expiration\",\"item_name\":\"xyz.txt\",\"item_type\":\"file\",\"item_id\":\"123456\",\"item_path\":\"ABC/DEF\",\"ip_info\":{\"ip\":\"81.2.69.142\",\"latitude\":\"37.5555\",\"longitude\":\"-120.6789\",\"registrant\":\"Microsoft Corporation\",\"country_code\":\"US\",\"city_name\":\"San Jose\",\"region_name\":\"California\"},\"service_name\":\"ServiceName\"}]},{\"session_type\":\"typical\",\"activities\":[{\"occurred_at\":\"2022-10-19T11:37:59-08:03\",\"event_type\":\"Item Modified\",\"item_name\":\"abc.boxnote\",\"item_type\":\"file\",\"item_id\":\"123123\",\"item_path\":\"folder/sub folder\",\"ip_info\":{\"ip\":\"81.2.69.144\",\"latitude\":\"37.5555\",\"longitude\":\"-20.6789\",\"country_code\":\"US\",\"city_name\":\"Some City\",\"region_name\":\"XYZ\"},\"service_name\":\"Box Notes\"}]}]},\"alert_id\":500,\"priority\":\"medium\",\"user\":{\"id\":50500,\"name\":\"A b c\",\"email\":\"[email protected]\"},\"link\":\"https://cloud.app.box.com/master/shield/alerts/500\",\"created_at\":\"2022-10-20T11:38:16-08:03\"}}}}"}