Simulated data for Box Shield Alerts
POST /_bulk
{"create":{"_index":"logs-box_events.events-default"}}
{"agent":{"name":"docker-fleet-agent","id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","ephemeral_id":"02cda318-e8e4-4aab-9dbd-eda10d827a5b","type":"filebeat","version":"8.3.0"},"elastic_agent":{"id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","version":"8.3.0","snapshot":false},"host":{"hostname":"docker-fleet-agent","os":{"kernel":"5.10.104-linuxkit","codename":"focal","name":"Ubuntu","family":"debian","type":"linux","version":"20.04.4 LTS (Focal Fossa)","platform":"ubuntu"},"containerized":false,"ip":["172.30.0.7"],"name":"docker-fleet-agent","mac":["02:42:ac:1e:00:07"],"architecture":"x86_64"},"data_stream":{"namespace":"default","type":"logs","dataset":"box_events.events"},"message":"{\"source\":null,\"created_by\":{\"type\":\"user\",\"id\":\"2\",\"name\":\"Unknown User\",\"login\":\"\"},\"action_by\":null,\"created_at\":\"2022-10-20T11:38:56-08:00\",\"event_id\":\"97f1b31f-f143-4777-81f8-1b557b39ca33\",\"event_type\":\"SHIELD_ALERT\",\"ip_address\":\"10.1.2.3\",\"type\":\"event\",\"session_id\":null,\"additional_details\":{\"shield_alert\":{\"rule_category\":\"Anomalous Download\",\"rule_id\":123,\"rule_name\":\"Anomalous Download Rule\",\"risk_score\":77,\"alert_summary\":{\"description\":\"Significant increase in download content week over week, 9200% (25.04 MB) more than last week 12 additional files downloaded week over week)\",\"download_delta_size\":\"25 Mb\",\"download_delta_percent\":9200,\"historical_period\":{\"date_range\":{\"start_date\":\"2022-10-01T01:01:00-08:00\",\"end_date\":\"2022-10-08T01:01:00-08:00\"},\"download_size\":\"0 Mb\",\"downloaded_files_count\":1},\"anomaly_period\":{\"date_range\":{\"start_date\":\"2022-10-08T01:01:00-08:00\",\"end_date\":\"2022-10-15T01:01:00-08:00\"},\"download_size\":\"25 Mb\",\"downloaded_files_count\":13},\"download_ips\":[{\"ip\":\"1.128.0.0\"},{\"ip\":\"175.16.199.0\"}]},\"alert_id\":444,\"priority\":\"medium\",\"user\":{\"id\":567,\"name\":\"Some user\",\"email\":\"some@user.com\"},\"link\":\"https://cloud.app.box.com/master/shield/alerts/444\",\"created_at\":\"2022-10-20T11:38:16-08:00\"}}}}"}
{"create":{"_index":"logs-box_events.events-default"}}
{"agent":{"name":"docker-fleet-agent","id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","ephemeral_id":"02cda318-e8e4-4aab-9dbd-eda10d827a5b","type":"filebeat","version":"8.3.0"},"elastic_agent":{"id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","version":"8.3.0","snapshot":false},"host":{"hostname":"docker-fleet-agent","os":{"kernel":"5.10.104-linuxkit","codename":"focal","name":"Ubuntu","family":"debian","type":"linux","version":"20.04.4 LTS (Focal Fossa)","platform":"ubuntu"},"containerized":false,"ip":["172.30.0.7"],"name":"docker-fleet-agent","mac":["02:42:ac:1e:00:07"],"architecture":"x86_64"},"data_stream":{"namespace":"default","type":"logs","dataset":"box_events.events"},"message":"{\"source\":null,\"created_by\":{\"type\":\"user\",\"id\":\"2\",\"name\":\"Unknown User\",\"login\":\"\"},\"action_by\":null,\"created_at\":\"2022-10-20T11:38:56-08:01\",\"event_id\":\"97f1b31f-f143-4777-81f8-1b557b39ca34\",\"event_type\":\"SHIELD_ALERT\",\"ip_address\":\"10.1.2.3\",\"type\":\"event\",\"session_id\":null,\"additional_details\":{\"shield_alert\":{\"rule_category\":\"Malicious Content\",\"rule_id\":123,\"rule_name\":\"Viruses and stuff\",\"risk_score\":100,\"alert_summary\":{\"upload_activity\":{\"occurred_at\":\"2022-10-20T11:37:05-08:10\",\"event_type\":\"Upload\",\"item_name\":\"virus.exe\",\"item_type\":\"file\",\"item_id\":\"127\",\"item_path\":\"ABC/DEF\",\"sha1_hash\":\"\",\"ip_info\":{\"ip\":\"67.43.156.0\",\"latitude\":\"37.5555\",\"longitude\":\"-120.6789\",\"registrant\":\"Microsoft Corporation\",\"country_code\":\"US\",\"city_name\":\"San Jose\",\"region_name\":\"California\"},\"service_name\":\"Service name\"}},\"malware_info\":{\"file_id\":127,\"file_name\":\"malware.exe\",\"file_version\":4239023,\"file_created\":\"2022-10-20T11:37:05-08:01\",\"file_created_by\":{\"id\":1010,\"name\":\"Bob\",\"email\":\"bob@enterprise.com\"},\"file_hash\":\"d869db7fe62fb07c25a0403ecaea55031744b5fb\",\"file_hash_type\":\"SHA-1\",\"file_size_bytes\":51345,\"file_version_uploaded\":\"2022-10-20T11:37:05-08:01\",\"file_version_uploaded_by\":{\"id\":1011,\"name\":\"Jane\",\"email\":\"jane@enterprise.com\"},\"status\":\"Malicious\",\"categories\":[\"Adware\",\"SpyWare\"],\"tags\":[\"FILE_MALICIOUS_EXECUTION\",\"FILE_OTHER_TAG\"],\"description\":\"This is a really bad file\",\"detail_link\":\"https://some.link/xyz\",\"malware_name\":\"BadMalware\",\"first_seen\":\"2022-10-19T11:37:05-08:10\",\"last_seen\":\"2022-10-20T11:37:05-08:10\",\"family\":\"MalwareBot4000\"},\"alert_id\":2398,\"priority\":\"medium\",\"user\":{\"id\":2320,\"name\":\"Some Name\",\"email\":\"some@email.com\"},\"link\":\"https://app.box.com/master/shield/alerts/2398\",\"created_at\":\"2022-10-20T11:37:15-08:01\"}}}}"}
{"create":{"_index":"logs-box_events.events-default"}}
{"agent":{"name":"docker-fleet-agent","id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","ephemeral_id":"02cda318-e8e4-4aab-9dbd-eda10d827a5b","type":"filebeat","version":"8.3.0"},"elastic_agent":{"id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","version":"8.3.0","snapshot":false},"host":{"hostname":"docker-fleet-agent","os":{"kernel":"5.10.104-linuxkit","codename":"focal","name":"Ubuntu","family":"debian","type":"linux","version":"20.04.4 LTS (Focal Fossa)","platform":"ubuntu"},"containerized":false,"ip":["172.30.0.7"],"name":"docker-fleet-agent","mac":["02:42:ac:1e:00:07"],"architecture":"x86_64"},"data_stream":{"namespace":"default","type":"logs","dataset":"box_events.events"},"message":"{\"source\":null,\"created_by\":{\"type\":\"user\",\"id\":\"2\",\"name\":\"Unknown User\",\"login\":\"\"},\"action_by\":null,\"created_at\":\"2022-10-20T11:38:56-08:02\",\"event_id\":\"97f1b31f-f143-4777-81f8-1b557b39ca35\",\"event_type\":\"SHIELD_ALERT\",\"ip_address\":\"67.43.156.0\",\"type\":\"event\",\"session_id\":null,\"additional_details\":{\"shield_alert\":{\"rule_category\":\"Suspicious Locations\",\"rule_id\":123,\"rule_name\":\"Suspicious Location\",\"risk_score\":60,\"alert_summary\":{\"alert_activities\":[{\"occurred_at\":\"2022-10-20T11:37:05-08:02\",\"event_type\":\"Download\",\"item_name\":\"xyz.txt\",\"item_type\":\"file\",\"item_id\":\"127\",\"item_path\":\"ABC/DEF\",\"ip_info\":{\"ip\":\"81.2.69.144\",\"latitude\":\"37.5555\",\"longitude\":\"-120.6789\",\"registrant\":\"Microsoft Corporation\",\"country_code\":\"US\",\"city_name\":\"San Jose\",\"region_name\":\"California\"},\"service_name\":\"Box Excel Online Previewer\"}]},\"alert_id\":2398,\"priority\":\"medium\",\"user\":{\"id\":2320,\"name\":\"Some name\",\"email\":\"some@email.com\"},\"link\":\"https://app.box.com/master/shield/alerts/2398\",\"created_at\":\"2022-10-20T11:37:15-08:02\"}}}}"}
{"create":{"_index":"logs-box_events.events-default"}}
{"agent":{"name":"docker-fleet-agent","id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","ephemeral_id":"02cda318-e8e4-4aab-9dbd-eda10d827a5b","type":"filebeat","version":"8.3.0"},"elastic_agent":{"id":"352eeec2-76a1-41a2-9ee1-8bae9d9ae980","version":"8.3.0","snapshot":false},"host":{"hostname":"docker-fleet-agent","os":{"kernel":"5.10.104-linuxkit","codename":"focal","name":"Ubuntu","family":"debian","type":"linux","version":"20.04.4 LTS (Focal Fossa)","platform":"ubuntu"},"containerized":false,"ip":["172.30.0.7"],"name":"docker-fleet-agent","mac":["02:42:ac:1e:00:07"],"architecture":"x86_64"},"data_stream":{"namespace":"default","type":"logs","dataset":"box_events.events"},"message":"{\"source\":null,\"created_by\":{\"type\":\"user\",\"id\":\"2\",\"name\":\"Unknown User\",\"login\":\"\"},\"action_by\":null,\"created_at\":\"2022-10-20T11:38:56-08:03\",\"event_id\":\"97f1b31f-f143-4777-81f8-1b557b39ca36\",\"event_type\":\"SHIELD_ALERT\",\"ip_address\":\"10.1.2.3\",\"type\":\"event\",\"session_id\":null,\"additional_details\":{\"shield_alert\":{\"rule_category\":\"Suspicious Sessions\",\"rule_id\":123,\"rule_name\":\"Suspicious Session\",\"risk_score\":77,\"alert_summary\":{\"description\":\"First time in prior month user connected from ip 81.2.69.142 First time user agent Some User Agent (Some UA 4.5.6) appeared for user within prior month Apparent distance 9580.0 km between events 59 seconds apart is faster than possible\",\"sessions\":[{\"session_type\":\"suspicious\",\"activities\":[{\"occurred_at\":\"2022-10-19T11:37:00-08:03\",\"event_type\":\"Set shared link expiration\",\"item_name\":\"xyz.txt\",\"item_type\":\"file\",\"item_id\":\"123456\",\"item_path\":\"ABC/DEF\",\"ip_info\":{\"ip\":\"81.2.69.142\",\"latitude\":\"37.5555\",\"longitude\":\"-120.6789\",\"registrant\":\"Microsoft Corporation\",\"country_code\":\"US\",\"city_name\":\"San Jose\",\"region_name\":\"California\"},\"service_name\":\"ServiceName\"}]},{\"session_type\":\"typical\",\"activities\":[{\"occurred_at\":\"2022-10-19T11:37:59-08:03\",\"event_type\":\"Item Modified\",\"item_name\":\"abc.boxnote\",\"item_type\":\"file\",\"item_id\":\"123123\",\"item_path\":\"folder/sub folder\",\"ip_info\":{\"ip\":\"81.2.69.144\",\"latitude\":\"37.5555\",\"longitude\":\"-20.6789\",\"country_code\":\"US\",\"city_name\":\"Some City\",\"region_name\":\"XYZ\"},\"service_name\":\"Box Notes\"}]}]},\"alert_id\":500,\"priority\":\"medium\",\"user\":{\"id\":50500,\"name\":\"A b c\",\"email\":\"a@b.c\"},\"link\":\"https://cloud.app.box.com/master/shield/alerts/500\",\"created_at\":\"2022-10-20T11:38:16-08:03\"}}}}"}