Hello,
Attempting to parse certain email with HTML-to-Text produces an output which is missing the key information of the mail.
- Here is the Automated Workflow:
- Here is the 'Input' for HTML-to-Text:
<p>["<html><head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"><style type=\"text/css\" media=\"screen\">\r\n<!--\r\nbody\r\n\t{font-family:arial;\r\n\tfont-size:10pt}\r\ntable\r\n\t{font-family:arial;\r\n\tfont-size:10pt}\r\n.table\r\n\t{border:1px solid #666666;\r\n\tborder-collapse:collapse;\r\n\tfont-family:arial;\r\n\tfont-size:10pt}\r\n.td\r\n\t{border:1px solid #666666}\r\n.th\r\n\t{border:1px solid #666666}\r\n-->\r\n</style></head><body><p>This message is an automatically generated reply -- do not reply to this message. This system is designed to analyze and process suspicious file submissions into Symantec Security Response and cannot accept correspondence or inquiries. <br><br><table cellpadding=\"2\" cellspacing=\"0\" class=\"table\"><tbody><tr><th class=\"th\" align=\"right\" width=\"15%\">Submission Date</th><td class=\"td\">2022-03-17 12:34:56</td></tr><tr><th class=\"th\" align=\"right\" width=\"10%\">Tracking #</th><td class=\"td\">12345678</td></tr><tr><th class=\"th\" align=\"right\">Submitter</th><td class=\"td\">My Name</td></tr><tr><th class=\"th\" align=\"right\">Customer Notes</th><td class=\"td\">Testing API</td></tr><tr><th class=\"th\" align=\"right\">Submission Hash</th><td class=\"td\">9B1168B29272AEFF17C058E4994A9526 <br></td></tr></tbody></table><br><br>My Name, <br>We have processed your submission (Tracking #12345678) and your submission is now closed. The following is a report of our findings for the files in your submission: </p><h3>Submission Summary <hr style=\"width:\"></h3><strong>Files Submitted</strong> <table class=\"table\" cellpadding=\"2\" cellspacing=\"0\"><tbody><tr><td class=\"td\"><b>#</b> </td><td class=\"td\"><b>Filename</b> </td><td class=\"td\"><b>MD5</b> </td><td class=\"td\"><b>Determination</b> </td><td class=\"td\"><b>Signature Protection Name</b> </td><td class=\"td\"><b>RR Seq#</b> </td></tr><tr><td class=\"td\" valign=\"top\">1</td><td class=\"td\" valign=\"top\">9B1168B29272AEFF17C058E4994A9526</td><td class=\"td\" valign=\"top\">9b1168b29272aeff17c058e4994a9526</td><td class=\"td\" valign=\"top\">Clean</td><td class=\"td\" valign=\"top\">N/A<br></td><td class=\"td\" valign=\"top\">N/A</td></tr></tbody></table><br><p><table border=\"0\"><tbody><tr><td><b>Developer Notes</b>: </td></tr><tr><td><br>1. 9B1168B29272AEFF17C058E4994A9526 is a clean file. <br></td></tr></tbody></table></p><h3><hr style=\"width:100%; text-align:left\">Assessment <hr style=\"width:100%; text-align:left\"></h3><table border=\"0\"><tbody><tr><th align=\"right\" width=\"15%\">File 1:</th><td>9B1168B29272AEFF17C058E4994A9526</td></tr><tr><th align=\"right\">MD5:</th><td>9b1168b29272aeff17c058e4994a9526</td></tr><tr><th align=\"right\">SHA256:</th><td>f9da33ad84c7397f9e53ae4c9c701874c7ebb32036b2f3d9a25049b37487cbed</td></tr><tr><th align=\"right\">Determination:</th><td>Clean</td></tr><tr><th align=\"right\">Submission Detail:</th><td>This file is clean.</td></tr><tr><td colspan=\"2\" align=\"center\"><hr></td></tr><tr><td></td></tr></tbody></table><table border=\"0\"><tbody><tr><td>This message was generated by Symantec Enterprise Division STAR automation - Broadcom. <br><br>More information on Threat Artifact determinations can be found in the article: <a href=\"https://support.symantec.com/en_US/article.TECH228126.html\">What is a Threat Artifact? </a><br><br></td></tr></tbody></table><p>Regards, <br>Symantec Enterprise Division - Broadcom </p><br><span style=\"background-color:rgb(255,255,255)\"><font size=\"2\">This electronic communication and the information and any files transmitted with it, or attached to it, are confidential and are intended solely for the use of the individual or entity to whom it is addressed and may contain information that is confidential, legally privileged, protected by privacy laws, or otherwise restricted from disclosure to anyone else. If you are not the intended recipient or the person responsible for delivering the e-mail to the intended recipient, you are hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you received this e-mail in error, please return the e-mail to the sender, delete it from your computer, and destroy any printed copy of it.</font></span> </body></html>"]</p>
This message is an automatically generated reply -- do not reply to this
message. This system is designed to analyze and process suspicious file
submissions into Symantec Security Response and cannot accept correspondence or
inquiries.
Submission Date2022-03-17 12:34:56Tracking #12345678SubmitterMy
NameCustomer NotesTesting APISubmission Hash9B1168B29272AEFF17C058E4994A9526
My Name,
We have processed your submission (Tracking #12345678) and your submission is
now closed. The following is a report of our findings for the files in your
submission:
- It's missing the core information compared to the email itself:
I've tried a number of approaches - for example, running a Compose Split() on HTML tags in the Body content - but not having great success. What's the trick? Thanks in advance!
