PowerShell ยป Microsoft 365 Spam & Malware reports

PowerShell scripts for Microsoft 365

Get-MailDetailMalwareReport and Get-MailDetailSpamReport: Microsoft 365 malware and spam report

Cmdlet: Get-MailDetailMalwareReport

Description: This cmdlet retrieves messages that contain malware.

  1.  Get-MailDetailMalwareReport
  2.   [-Action <MultiValuedProperty>]
  3.   [-Direction <MultiValuedProperty>]
  4.   [-Domain <MultiValuedProperty>]
  5.   [-EndDate<DateTime>]
  6.   [-EventType <MultiValuedProperty>]
  7.   [-Expression <Expression>]
  8.   [-MalwareName <MultiValuedProperty>]
  9.   [-MessageId <MultiValuedProperty>]
  10.   [-MessageTraceId <MultiValuedProperty>]
  11.   [-Page <Int32>]
  12.   [-PageSize <Int32>]
  13.   [-ProbeTag <String>]
  14.   [-RecipientAddress <MultiValuedProperty>]
  15.   [-SenderAddress <MultiValuedProperty>]
  16.   [-StartDate <DateTime>]
  17.   [<CommonParameters>]

Example 1:

1  Get-MailDetailMalwareReport -StartDate 06/13/2020 -EndDate 06/15/2020 -SenderAddress john@example.com

This script retrieves the details of messages sent by john@example.com that contained malware between June 13, 2020 and June 15, 2020.

Cmdlet: Get MailDetailSpamReport

Description: The cmdlet retrieves the details of spam messages in Exchange Online.

  1.  Get-MailDetailSpamReport
  2.   [-Action <MultiValuedProperty>]
  3.   [-Direction <MultiValuedProperty>]
  4.   [-Domain <MultiValuedProperty>]
  5.   [-EndDate<DateTime>]
  6.   [-EventType <MultiValuedProperty>]
  7.   [-Expression <Expression>]
  8.   [-MessageId <MultiValuedProperty>]
  9.   [-MessageTraceId <MultiValuedProperty>]
  10.   [-Page <Int32>]
  11.   [-PageSize <Int32>]
  12.   [-ProbeTag <String>]
  13.   [-RecipientAddress <MultiValuedProperty>]
  14.   [-SenderAddress <MultiValuedProperty>]
  15.   [-StartDate <DateTime>]
  16.   [<CommonParameters>]

Example 1:

1  Get-MailDetailSpamReport -StartDate 06/13/2020 -EndDate 06/15/2020 -SenderAddress john@example.com

This script retrieves the details of spam messages sent by john@example.com between June 13, 2020 and June 15, 2020.

Generate spam and malware reports with M365 Manager Plus

M365 Manager Plus offers built-in reports on Microsoft 365 that can be viewed in a single click. Below are some of the reports on spam and malware provided by M365 Manager Plus,

If the default audit profiles do not fit your needs, you can,

  1. Top Spam Recipients
  2. Top Malware Recipients
  3. Spam Traffic Summary
  4. Malware Detections
  5. Spam Detections.

Highlights of M365 Manager Plus:

  • Advanced filters:  Use attribute and condition-based filters to get the data you need without lengthy PowerShell scripts.
  • Reports on historical data: PowerShell cmdlets can only retrieve data that's at least seven days old and no older than 180 days. But, M365 Manager Plus reports can fetch all data right from its installation.
  • Customizable dashboard: M365 Manager Plus dashboard is customizable. Generate graphical reports to get a quick peek at the mail traffic summary, top email senders and receivers, client device usage, and more. This dashboard can be embedded in any of your web pages to enable constant monitoring.
  • Report scheduler:  Schedule report generation at regular intervals to reduce the overhead.
  • Report export: The reports can be exported to PDF, XLS, HTML, or CSV formats and redistributed via emails to the administrators.
  • Secure delegation: Securely delegate report generation to technicians and IT staff without giving them full access to the Microsoft 365 Admin Center.