syne0 / osprey

PowerShell-based tool for gathering information related to O365 intrusions and potential breaches
MIT License

Update Get-OspreyTenantMailItemsAccessed.ps1 #4

Open syne0 opened 4 months ago

syne0 commented 4 months ago

I think this function is a good idea, but I struggle to see most people using Osprey finding use out of it. Right now it takes an application ID and then gets all MailItemsAccessed records that match that ID during the investigation period.

I think a lot more could be done to improve this idea; I just don't know where to start.

syne0 commented 2 months ago

This could probably be correlated pretty decently with message trace, but would need a lot of error handling and I probably wouldn't have it be a core function. There's a script I've used somewhere that I can probably reference.
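
Added example, not part of the thread and not Osprey's own code: a sketch of filtering MailItemsAccessed audit records by application ID and pulling out the InternetMessageId values that a message trace correlation would key on. The function name `Get-MailItemsAccessedByApp`, the application ID and every value in the sample records are constructed for illustration; the field names follow the Exchange mailbox audit record layout as I understand it.

```powershell
# Hypothetical application ID under investigation (constructed value).
$AppId = '11111111-2222-3333-4444-555555555555'

# Constructed AuditData payloads. In a live tenant these strings would be the AuditData
# property of results from: Search-UnifiedAuditLog -Operations MailItemsAccessed -FreeText $AppId
$sample = @(
  '{"CreationTime":"2024-01-10T08:15:00","Operation":"MailItemsAccessed","AppId":"11111111-2222-3333-4444-555555555555","MailboxOwnerUPN":"alice@example.com","ClientIPAddress":"203.0.113.10","OperationProperties":[{"Name":"MailAccessType","Value":"Bind"},{"Name":"IsThrottled","Value":"False"}],"Folders":[{"Path":"\\Inbox","FolderItems":[{"InternetMessageId":"<msg1@example.com>"},{"InternetMessageId":"<msg2@example.com>"}]}]}',
  '{"CreationTime":"2024-01-10T08:20:00","Operation":"MailItemsAccessed","AppId":"11111111-2222-3333-4444-555555555555","MailboxOwnerUPN":"bob@example.com","ClientIPAddress":"203.0.113.10","OperationProperties":[{"Name":"MailAccessType","Value":"Sync"},{"Name":"IsThrottled","Value":"True"}]}',
  '{"CreationTime":"2024-01-10T09:00:00","Operation":"MailItemsAccessed","AppId":"99999999-0000-0000-0000-000000000000","MailboxOwnerUPN":"alice@example.com","ClientIPAddress":"198.51.100.7","OperationProperties":[{"Name":"MailAccessType","Value":"Bind"}],"Folders":[{"Path":"\\Inbox","FolderItems":[{"InternetMessageId":"<msg3@example.com>"}]}]}'
)

function Get-MailItemsAccessedByApp {
    param(
        [Parameter(Mandatory)][string[]]$AuditData,
        [Parameter(Mandatory)][string]$AppId
    )
    foreach ($json in $AuditData) {
        try { $r = $json | ConvertFrom-Json -ErrorAction Stop }
        catch { Write-Warning "Skipping unparsable audit record: $_"; continue }
        if ($r.Operation -ne 'MailItemsAccessed' -or $r.AppId -ne $AppId) { continue }

        # OperationProperties is a list of Name/Value pairs; flatten it for lookup.
        $props = @{}
        foreach ($p in $r.OperationProperties) { $props[$p.Name] = $p.Value }

        # Bind records list individual messages; Sync records carry no per-message IDs.
        $ids = @($r.Folders | ForEach-Object { $_.FolderItems } |
                 ForEach-Object { $_.InternetMessageId } | Where-Object { $_ })

        [pscustomobject]@{
            Time               = $r.CreationTime
            Mailbox            = $r.MailboxOwnerUPN
            ClientIP           = $r.ClientIPAddress
            AccessType         = $props['MailAccessType']
            Throttled          = ($props['IsThrottled'] -eq 'True')  # throttled mailboxes may have gaps
            InternetMessageIds = $ids
        }
    }
}

$hits = Get-MailItemsAccessedByApp -AuditData $sample -AppId $AppId
$hits | Format-Table Time, Mailbox, ClientIP, AccessType, Throttled

# Distinct message IDs to look up in message trace (available for Bind records only).
$hits | ForEach-Object { $_.InternetMessageIds } | Sort-Object -Unique
```

Sync records and throttled mailboxes cannot be resolved to individual messages this way, so those mailboxes need to be scoped by time window and folder rather than by message ID.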