RSA,
When the script is called, the output of the current variables will look like this..
sender-email=joe@acme.com,protocol=HTTP,sender-ip=10.10.10.2,endpoint-user-name=juser
So you will need to parse the data and remove the =.
Here is how I have done it in a VB script.
attributeList = ("sender-email,protocol,sender-ip,endpoint-user-name,date-detected")
attributes = split(attributeList,",")
Dim attributeValues(4)
strEqPos = Instr(objArgs(e),"=")
strArgName = mid(objArgs(e),1,strEqPos - 1)
strValLen = len(objArgs(e)) - strEqPos
strArgVal = mid(objArgs(e), strEqPos + 1, strValLen )
Hope this makes sense.
If this solves your questions please marked as solved.
Ronak