Wishlist
Created by Guest
Created on Jan 3, 2025

Include more data fields in SIEM integration's delivery of email-related Rule violation event data

Request: Include the data fields Mail Date and Mail ID in the information shared via SIEM integration when a monitored employee violates an email-related Behavior Rule.


Current functionality: For email-related Rule violation information, Splunk/SIEM integrations send the Event Date, indicating when the email in question violated a Rule. The date the email was actually sent by the monitored employee, Mail Date, is not included. While it would be possible to pull an email's Mail Date with an API call, you need the Mail ID to do so, but the Mail ID is also excluded from the SIEM integration's email-related Rule violation event data.