-All alerts are listed on the **Alerts** tab in Compliance Manger, and all alert policies are listed on the **Alert Policies tab**.

-DLP reports a vast amount of information into Microsoft Purview from monitoring, policy matches and actions, and user activities. You'll need to consume and act on that information to tune your policies and triage actions taken on sensitive items. The telemetry goes into the [Microsoft Purview compliance portal Audit Logs](search-the-audit-log-in-security-and-compliance.md#search-the-audit-log-in-the-compliance-center) first, is processed, and makes its way to different reporting tools. Each reporting tool has a different purpose.

-description: Learn about automatic redirection of users from the Office 365 Security and Compliance center users to the Microsoft Purview compliance portal.

-# Redirection of users from the Office 365 Security and Compliance center to the Microsoft Purview compliance portal

-This feature and associated controls does not enable the automatic redirection of Security features for Microsoft Defender for Office 365. To enable the redirection for security features, see [Redirecting accounts from Microsoft Defender for Office 365 to the Microsoft 365 Defender portal](/microsoft-365/security/defender/microsoft-365-security-mdo-redirection) for details.

-If you are unfamiliar with adaptive and static scopes, and to help you choose which one to use when you configure a policy for retention, see [Adaptive or static policy scopes for retention](retention.md#adaptive-or-static-policy-scopes-for-retention).

-When you choose to use adaptive scopes, you are prompted to select what type of adaptive scope you want. There are three different types of adaptive scopes and each one supports different attributes or properties:

-> For additional information about using the advanced query builder, see the following webinars:

- - If you are using the records management solution:

- - If you are using the data lifecycle management solution:

- - SITEPAGEPUBLISHING for modern communication sites

- - GROUP for Microsoft 365 group-connected sites

- - TEAMCHANNEL for Microsoft Teams private channel sites

- - STS for a classic SharePoint team site

- - SPSPERS for OneDrive sites

-2. Use either [Get-Recipient](/powershell/module/exchange/get-recipient) or [Get-Mailbox](/powershell/module/exchange/get-mailbox) with the *-Filter* parameter and your [OPATH query](/powershell/exchange/filter-properties) for the adaptive scope enclosed in curly brackets (`{`,`}`). If your attribute values are strings, enclose these values in double or single quotes.

- You can determine whether to use `Get-Mailbox` or `Get-Recipient` for validation by identifying which cmdlet is supported by the [OPATH property](/powershell/exchange/filter-properties) that you choose for your query.

- > `Get-Mailbox` does not support the *MailUser* recipient type, so `Get-Recipient` must be used to validate queries that include on-premises mailboxes in a hybrid environment.

- To validate a **User** scope, use either:

- - `Get-Mailbox` with `-RecipientTypeDetails UserMailbox` or

- - `Get-Recipient` with `-RecipientTypeDetails UserMailbox,MailUser`

- - `Get-Mailbox` or `Get-Recipient` with `-RecipientTypeDetails GroupMailbox`

-With the exception of Skype for Business, the default is that all instances for the selected locations are automatically included in the policy without you having to specify them as included.

-The **Exchange email** location supports retention for users' email, calendar, and other mailbox items, by applying retention settings at the level of a mailbox. Shared mailboxes are also supported.

-Resource mailboxes, contacts, and Microsoft 365 group mailboxes aren't supported for Exchange email. For Microsoft 365 group mailboxes, select the **Microsoft 365 Groups** location instead. Although the Exchange location initially allows a group mailbox to be selected for a static scope, when you try to save the retention policy, you receive an error that "RemoteGroupMailbox" is not a valid selection for this location.

-When you choose the **SharePoint sites** location, the policy for retention can retain and delete documents in SharePoint communication sites, team sites that aren't connected by Microsoft 365 groups, and classic sites. Unless you are using [adaptive policy scopes](#exceptions-for-adaptive-policy-scopes), Team sites connected by Microsoft 365 groups aren't supported with this option and instead, use the **Microsoft 365 Groups** location that applies to content in the group's mailbox, site, and files.

-If you use static scopes: Although the **Exchange email** location for a static scope initially allows you to specify a group mailbox to be included or excluded, when you try to save the retention policy, you'll see an error that "RemoteGroupMailbox" is not a valid selection for the Exchange location.

-To change the default because you want the retention policy to apply to either just the Microsoft 365 mailboxes, or just the connected SharePoint teams sites, use the [Set-RetentionCompliancePolicy](/powershell/module/exchange/set-retentioncompliancepolicy) PowerShell cmdlet with the *Applications* parameter with one of the following values:

- At this point, you can't exclude the site from the Microsoft 365 Groups location, because you can't specify the deleted group. If you need to release the retention policy from this site, contact Microsoft Support. For example, open a [service request in the Microsoft 365 Admin Center](https://admin.microsoft.com/Adminportal/Home#/support).

-When you configure a retention label or policy to retain content, you choose to retain items for a specific number of days, months (assumes 30 days for a month), or years. Or alternatively, retain the items forever. The retention period is not calculated from the time the policy was assigned, but according to the start of the retention period specified.

-At the end of the retention period, you choose whether you want the content to be permanently deleted. For example, for retention polices:

-In both cases, if your retention settings delete items, it's important to understand that the time period you specify is not calculated from the time the policy was assigned, but according to the start of the retention period specified. For example, from the time when the item was created or modified, or labeled.

-When you choose locations, with the exception of Skype for Business, the default setting is **All** when the status of the location is **On**.

-# Search the audit log in the compliance center

- > [!IMPORTANT]

- - For users assigned any other (non-E5) Office 365 or Microsoft 365 license, audit records are retained for 90 days. For a list of Office 365 and Microsoft 365 subscriptions that support unified audit logging, see [the security and compliance center service description](/office365/servicedescriptions/office-365-platform-service-description/office-365-securitycompliance-center).

-The tables in this section describe the activities that are audited in Microsoft 365. You can search for these events by searching the audit log in the security and compliance center.

-Content Search and eDiscovery-related activities that are performed in the security and compliance center or by running the corresponding PowerShell cmdlets are logged in the audit log. This includes the following activities:

-**Are there other ways to get auditing logs other than using the security and compliance center or the Office 365 Management Activity API?**

- | Destination |Specifies the SAS URL that you obtained in Step 1. <br/> Be sure to surround the value of this parameter with double-quotation marks (" ").<br/><br/>**Note:** If you use the SAS URL in a script or batch file, watch out for certain characters that need to be escaped. For example, you have to change `%` to `%%` and change `&` to `^&`.<br/><br/>**Tip:** (Optional) You can specify a subfolder in the Azure Storage location to upload the PST files to. You do this by adding a subfolder location (after "ingestiondata") in the SAS URL. The first example doesn't specify a subfolder. That means the PSTs are uploaded to the root (named *ingestiondata*) of the Azure Storage location. The second example uploads the PST files to a subfolder (named *PSTFiles*) in the root of the Azure Storage location. <br/><br/>**Examples**: <br/> `"https://3c3e5952a2764023ad14984.blob.core.windows.net/ingestiondata?sv=2012-02-12&amp;se=9999-12-31T23%3A59%3A59Z&amp;sr=c&amp;si=IngestionSasForAzCopy201601121920498117&amp;sig=Vt5S4hVzlzMcBkuH8bH711atBffdrOS72TlV1mNdORg%3D"` <br/> Or <br/> `"https://3c3e5952a2764023ad14984.blob.core.windows.net/ingestiondata/PSTFiles?sv=2012-02-12&amp;se=9999-12-31T23%3A59%3A59Z&amp;sr=c&amp;si=IngestionSasForAzCopy201601121920498117&amp;sig=Vt5S4hVzlzMcBkuH8bH711atBffdrOS72TlV1mNdORg%3D"` <br/> |

- | `--recursive` |This optional flag specifies the recursive mode so that the AzCopy tool copies PSTs files that are located in subfolders in the source directory that is specified by the source field. The default value for this flag is `true`. <br/>**Note:** If you include this flag, PST files in subfolders will have a different file pathname in the Azure Storage location after they're uploaded. You'll have to specify the exact file pathname in the CSV file that you create in Step 4.|

- | `TargetRootFolder` <br/> | Specifies the mailbox folder that the PST file is imported to. <br/> <br/> If you leave this parameter blank, the PST file will be imported to a new folder named **Imported** at the root level of the mailbox (the same level as the Inbox folder and the other default mailbox folders). <br/> <br/> If you specify `/`, the folders and items in the PST file are imported to the top of the folder structure in the target mailbox or archive. If a folder exists in the target mailbox (for example, default folders such as Inbox, Sent Items, and Deleted Items), the items in that folder in the PST are merged into the existing folder in the target mailbox. For example, if the PST file contains an Inbox folder, items in that folder are imported to the Inbox folder in the target mailbox. New folders are created if they don't exist in the folder structure for the target mailbox. <br/><br/> If you specify `/<foldername>`, items and folders in the PST file are imported to a folder named *\<foldername\>* . For example, if you use `/ImportedPst`, items would be imported to a folder named **ImportedPst**. This folder will be located in the user's mailbox at the same level as the Inbox folder. <br/><br/> **Tip:** Consider running a few test batches to experiment with this parameter so you can determine the best folder location to import PSTs files to. <br/> |(leave blank) <br/> Or <br/> `/` <br/> Or <br/> `/ImportedPst` <br/> |

- Start-ADSyncCycle

-<!--USGovDoD endpoints version 2022042800-->

-<!--File generated 2022-04-29 08:00:04.2241-->

-<!--USGovGCCHigh endpoints version 2022042800-->

-<!--File generated 2022-04-29 08:00:05.6638-->

-Windows Server 2016 (Modern) ²| <br /> Public preview| <br /> Public preview| <br /> Public preview

-Windows Server 2012 R2 (Modern) ²| <br /> Public preview| <br /> Public preview| <br /> Public preview

- - Microsoft Defender for Endpoint license assigned to the end user(s) of the app. See [Microsoft Defender for Endpoint licensing requirements](/microsoft-365/security/defender-endpoint/minimum-requirements#licensing-requirements)

-$query = 'RegistryEvents | limit 10' # Paste your own query here

-1. Once the Event Hub Namespace is created, you will need to add the App Registration Service Principal as Reader, Azure Event Hub Data Receiver, and the user who will be logging into Microsoft 365 Defender as Contributor (you can also do this at Resource Group or Subscription level).

- **Event-Hub Resource ID**: This value is the Event Hub Namespace Resource ID you recorded when you setup the Event Hub.

-Test Base for Microsoft 365 (Test Base) is MicrosoftΓÇÖs validation service based in the secure Azure environment.

-With Test Base, Software Vendors (SVs) and System Integrators (SIs) can accelerate the validation of their applications against pre-released Windows security and feature builds. This is a highly engaged collaboration between SV partners and Microsoft enabling joint testing, validation and remediation.

-Test Base provides a great opportunity to build and maintain a secure validation service on Azure, where customers and partners can stage and test their application's workloads against our pre-released security updates.

-With Test Base, SVs are provided with more visibility into potential issues that could hinder their application(s) from performing at its best on the new OS release before Microsoft releases the update to the market.

-This new service will help SVs make testing efforts simpler and more efficient. Enterprise customers will benefit from SV and Microsoft testing together in a collaborative environment and gain more confidence that their applications will work as expected.

-**Advantages Test Base offers Enterprises and their SV partners include**:

-## Guide to navigating the Test Base portal

-This guide is divided into four (4) parts to ensure a hitch free experience while using our service:

-1. The **Overview** which provides detailed, step-by-step guidelines on how to upload your application via our self-serve onboarding portal.

-2. The **Quickstarts** section, which provides information on the format for the zipped folder structure and what you need to know when preparing your test scripts.

-3. The **How-to guide** which provides detailed outline on how to use Test Base to infer test results.

-4. The **Reference** section that provides answers to the typical questions we receive from our customers.

-## Test Base has reached general availability

-Test Base has officially been declared General Availability during the Microsoft Ignite conference in November 2021.

-This means anyone with a valid enterprise Azure account is able to onboard their test collateral and quickly start testing their applications on the service.

-## Who should onboard?

-We're encouraging all Software Vendors (SVs), System Integrators (SIs) to onboard their applications, binaries, and test scripts onto the service.

-> [Next step](createaccount.md)