Query Details
Image Files
Query
//Looking for image files in emails let image_extensions = dynamic(["jpg", "jpeg", "png", "bmp", "gif"]); EmailAttachmentInfo | where FileType in (image_extensions)
Explanation
This query is looking for image files that are attached to emails. It defines a list of image file extensions (jpg, jpeg, png, bmp, gif) and then filters the EmailAttachmentInfo table to only include files with those extensions.
Details
Rod Trent
Released: October 2, 2023
Tables
EmailAttachmentInfo
Keywords
EmailAttachmentInfo,FileType
Operators
wherein