Docs update tracker

Updates from: 01/13/2023 04:22:49

Category	Microsoft Docs article	Related commit history on GitHub	Change details
compliance	Audit Log Search Script	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/audit-log-search-script.md	After you've connected to Exchange Online PowerShell, the next step is to create #Start script [DateTime]$currentStart = $start - [DateTime]$currentEnd = $start + [DateTime]$currentEnd = $end Function Write-LogFile ([String]$Message) {
compliance	Dlp Chrome Get Started	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-chrome-get-started.md	Use these procedures to roll out the Microsoft Purview Extension. [!INCLUDE [purview-preview](../includes/purview-preview.md)] +> [!NOTE] +> Microsoft Purview Extension is only applicable to Windows devices. The extension is not necessary for the enforcement of data loss prevention on macOS devices. + ## Before you begin To use Microsoft Purview Extension, the device must be onboarded into endpoint DLP. Review these articles if you are new to DLP or endpoint DLP Before adding the extension to the list of force-installed extensions, it is imp 3. Select Create Profile. -4. Select Windows 10 as the platform. +4. Select Windows 10 and later as the platform. + +5. Select Templates as the profile type. + +6. Select Custom as the template name. -5. Select Custom as profile type. +7. Select Create. -6. Select the Settings tab. +8. Enter a name and optional description on the Basics tab and select Next. -7. Select Add. +9. Select Add on the Configuration settings tab. -8. Enter the following policy information. +10. Enter the following policy information. OMA-URI: `./Device/Vendor/MSFT/Policy/Config/Chrome~Policy~googlechrome~Extensions/ExtensionInstallForcelist`<br/> Data type: `String`<br/> Value: `<enabled/><data id="ExtensionInstallForcelistDesc" value="1 echcggldkblhodogklpincgchnpgcdco;https://clients2.google.com/service/update2/crx"/>` + +11. Select Save and then select Next. + +12. Add or edit scope tags on the Scope tags tab as needed and select Next. + +13. Add the required deployment users, devices, and groups on the Assignments tab and select Next. + +14. Add applicability rules on the Applicability Rules tab as required and select Next. -9. Click create. +15. Select Create. ### Deploy using Group Policy
compliance	Dlp Conditions And Exceptions	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-conditions-and-exceptions.md	To configure the sender address location at a DLP rule level, the parameter is * \|condition or exception in DLP\|condition/exception parameters in Security & Compliance PowerShell\|property type\|description\| \|\|\|\|\| +\|Content is shared with \|condition: AccessScope <br/><br/> \|Scope\|Messages that are sent to internal or external recipients.\| \|Recipient is\|condition: SentTo <br/><br/> exception: ExceptIfSentTo\|Addresses\|Messages where one of the recipients is the specified mailbox, mail user, or mail contact in the organization. The recipients can be in the To, Cc, or Bcc fields of the message.\| \|Recipient domain is\|condition: RecipientDomainIs <br/><br/> exception: ExceptIfRecipientDomainIs\|DomainName\|Messages where the domain of the recipient's email address matches the specified value.\| \|Recipient address contains words\|condition: AnyOfRecipientAddressContainsWords <br/><br/> exception: ExceptIfAnyOfRecipientAddressContainsWords\|Words\|Messages that contain the specified words in the recipient's email address. <br/><br/>Note: This condition doesn't consider messages that are sent to recipient proxy addresses. It only matches messages that are sent to the recipient's primary email address.\| To configure the sender address location at a DLP rule level, the parameter is * \|Sent to member of\|condition: SentToMemberOf <br/><br/> exception: ExceptIfSentToMemberOf\|Addresses\|Messages that contain recipients who are members of the specified distribution group, mail-enabled security group, or Microsoft 365 group. The group can be in the To, Cc, or Bcc fields of the message.\| \|The recipient's specified properties include any of these words \|RecipientADAttributeContainsWords <br/><br/> ExceptIfRecipientADAttributeContainsWords\|First property: `ADAttribute` <br/><br/> Second property: `Words`\|Messages where the specified Active Directory attribute of a recipient contains any of the specified words. <br/><br/> Note that the Country attribute requires the two-letter country code value (for example, DE for Germany).\| \|The recipient's specified properties match these text patterns \|RecipientADAttributeMatchesPatterns <br/><br/> ExceptIfRecipientADAttributeMatchesPatterns\|First property: `ADAttribute` <br/><br/> Second property: `Patterns`\|Messages where the specified Active Directory attribute of a recipient contains text patterns that match the specified regular expressions.\| +\|Recipient scope\|condition: AccessScope <br/><br/> exception: ExceptIfAccessScope\|UserScopeFrom\|Messages that are received by either internal or external recipients.\| ### Message subject or body To configure the sender address location at a DLP rule level, the parameter is * \|Content contains\|condition: ContentContainsSensitiveInformation <br/> exception ExceptIfContentContainsSensitiveInformation\|SensitiveInformationTypes\|Messages or documents that contain sensitive information as defined by Microsoft Purview Data Loss Prevention (DLP) policies.\| \|Subject or Body matches pattern\|condition: SubjectOrBodyMatchesPatterns <br/> exception: ExceptIfSubjectOrBodyMatchesPatterns\|Patterns\|Messages where the subject field or message body contains text patterns that match the specified regular expressions.\| \|Subject or Body contains words\|condition: SubjectOrBodyContainsWords <br/> exception: ExceptIfSubjectOrBodyContainsWords\|Words\|Messages that have the specified words in the subject field or message body\| -\| + ### Attachments
compliance	Get Started With The Default Dlp Policy	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-the-default-dlp-policy.md	The detailed report shows you when and how much content containing credit card n To help protect the sensitive information, the default DLP policy: -- Detects when content in Exchange, SharePoint, and OneDrive that contains at least one credit card number is shared with people outside your organization. +- Detects when content in Exchange, SharePoint, and OneDrive that contains at least one of the following sensitive information is shared with people outside your organization. + - Credit Card Number + - Content containing source code (as matched by our Source Code trainable classifier) + - Content matching our U.S HIPAA Enhanced template + - Content containing Intellectual Property (as matched by our IP, Project Documents, M&A Files, Software Product developement files, IT Infra and Network Security Documents, and Strategic planning documents trainable classifiers) - Shows a policy tip and sends an email notification to users when they attempt to share this sensitive information with people outside your organization. For more information on these options, see [Send email notifications and show policy tips for DLP policies](use-notifications-and-policy-tips.md).
compliance	Sit Learn About Exact Data Match Based Sits	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-learn-about-exact-data-match-based-sits.md	When you create an EDM SIT, you define a primary element field in the rule pac You'll have to find a predefined SIT that detects the sensitive information that you want your EDM SIT to detect. For example, if your EDM SIT schema has U.S. social security number as the primary element, when you create your EDM schema, you'd associated it with the [U.S. social security number (SSN)](sit-defn-us-social-security-number.md) SIT. Primary elements need to follow a defined pattern in order to be detected. -When the primary element is found in a scanned item, EDM will then look for secondary or supporting elements. Secondary elements don't need to follow a pattern, but do need to be within a certain proximity to the primary element. +When the primary element is found in a scanned item, EDM will then look for secondary or supporting elements. Secondary elements don't need to follow a pattern unless they contain multiple tokens (which requires association to a SIT, similar to primary elements), but do need to be within a certain proximity to the primary element. ## How matching works
compliance	Whats New	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/whats-new.md	Whether it be adding new solutions to the [Microsoft Purview compliance portal]( - [Examples of file paths](/microsoft-365/compliance/insider-risk-management-settings) to denote specific and wildcard folders and sub-folders to be excluded. ### Microsoft Priva-- [Tags for reviewing data in a subject rights request](/privacy/priva/subject-rights-requests-data-review#apply-tags) provide greater flexibility. There are now two default tags and 21 custom tags that can be named and defined by an organization. Tags can now be applied to, or removed from, mutlipe content items at once. +- [Tags for reviewing data in a subject rights request](/privacy/priva/subject-rights-requests-data-review#apply-tags) provide greater flexibility. There are now two default tags and 21 custom tags that can be named and defined by an organization. Tags can now be applied to, or removed from, multiple content items at once. - The maximum file size for [file import during data review](/privacy/priva/subject-rights-requests-data-review#import-additional-files) for a subject rights request has increased to 500 MB. - Instructions for working with the [action execution log report](/privacy/priva/subject-rights-requests-delete#action-execution-log-report) for a delete request have been updated; including a clarification that its retention period is the same as all other subject rights request reports.