Category | Microsoft Docs article | Related commit history on GitHub | Change details |
---|---|---|---|
admin | Domain Connect | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/domain-connect.md | - Title: "Using Domain Connect"-- NOCSH--------- M365-subscription-management-- Adm_O365--- Adm_O365_Setup--- BCS160-- MET150-- MOE150 -description: "Learn how to work with Domain Connect enabled registrars and add your domain to Microsoft 365." ---# Using Domain Connect to add your domain to Microsoft 365 -- **[Check the Domains FAQ](../setup/domains-faq.yml)** if you don't find what you're looking for. --[Domain Connect](https://www.domainconnect.org/) enabled registrars let you add your domain to Microsoft 365 in a three-step process that takes minutes. --In the wizard, we'll just confirm that you own the domain, and then automatically set up your domain's records, so email comes to Microsoft 365 and other Microsoft 365 services, like Teams, work with your domain. --> [!NOTE] -> Make sure you disable any popup blockers in your browser before you start the setup wizard. --## Domain Connect registrars integrating with Microsoft 365 --- [1&1 IONOS](https://www.1and1.com/)-- [123Reg](https://www.123-reg.co.uk/)-- [GoDaddy](https://www.godaddy.com/)-- [WordPress](https://wordpress.com/)-- [Plesk](https://www.plesk.com/)-- [MediaTemple](https://mediatemple.net/)-- SecureServer or WildWestDomains (GoDaddy resellers using SecureServer DNS hosting)- - [MadDog Web Hosting](https://maddogwebhosting.com/domains/) - - [CheapNames](https://www.cheapnames.com) --## What happens to my email and website? --After you finish setup, the MX record for your domain is updated to point to Microsoft 365 and all email for your domain will start coming to Microsoft 365. Make sure you've added users and set up mailboxes in Microsoft 365 for everyone who gets email on your domain! --If you have a website that you use with your business, it will keep working where it is. The Domain Connect setup steps don't affect your website. |
admin | Move A Domain | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/move-a-domain.md | - Title: "Move a domain verified in an unmanaged account"-- CSH-------- M365-subscription-management -- Adm_O365-- Adm_NonTOC--- AdminSurgePortfolio-- AdminTemplateSet-- BCS160-- MET150-- MOE150 -description: "Learn how to join an unmanaged account to remove the domain from the account and add the domain to your account." ---# Move a domain verified in an unmanaged account -- **[Check the Domains FAQ](../setup/domains-faq.yml)** if you don't find what you're looking for. --If you're an admin and you've tried to add a domain to your Microsoft 365 account, but you're blocked because the domain is verified for an unmanaged account, you can become the admin on the unmanaged account to remove the domain and add it to your account. --> [!NOTE] -> A self-service sign up for any cloud service that uses Azure AD adds the user to an unmanaged or "shadow" Azure AD directory and creates an unmanaged account. An unmanaged account is a directory without a global administrator. To determine whether an account is managed or unmanaged, see [Determining Tenant Type](/power-platform/admin/powerapps-gdpr-dsr-guide-systemlogs#determining-tenant-type). - -## Before you begin --Sometimes you can't add a domain to your organization account because someone else has already signed up for Microsoft 365 using an email address associated with that domain name. But you can remove the domain from the other, unmanaged account and add it to your organization account. --First, you'll need to join the unmanaged account and become an admin for that account (Steps 1 - 3). Then you can remove the domain from the account (Step 4), sign back into your organization account, and add the domain to your account (Step 5). --## Step 1: Get an invitation to join the unmanaged account --After you try to add a domain to your account, you might receive a message that someone has already signed up for Microsoft 365 using the email address. Step 1 is to request an invitation to join the other account and begin the process of performing an admin takeover. --1. Go to the Microsoft 365 admin center > **Settings** > **Domains** > **+ Add domain**, and add the domain name. --1. If you see a message that you can't add the domain because other people have already signed up using an email address for the domain, enter your account username, and then select **Send me the invitation**. --1. Sign out of your current account, so you can sign into the unmanaged account. -- Check your email for an invitation to help you join the unmanaged account, and select the link provided in the email. -- Enter the **verification code** from the email to validate your email address. --## Step 2: Complete signup with email instructions --1. When you enter the verification code, you'll be brought to a page where you can create a new account. --2. Fill in the username and password fields with the account that you want to use, and then complete the steps to create the account. --## Step 3: Verify domain ownership and become the admin --1. After you complete Step 2, select the admin center icon in the left navigation pane (alternatively, go to a browser and type in `https://admin.microsoft.com`). -- You're redirected to the admin takeover wizard. --1. Select **Next** and verify that you own the domain you want to take over by adding a TXT record to your domain registrar. -- The wizard will give you the TXT record to add, as well as provide a link to your registrar's website, and a link to step-by-step instructions. --1. On the **You're now the admin** page, select **Go to the admin center**. -- You now have the admin privileges required to remove the domain from the formerly unmanaged account. --## Step 4: Remove a domain from the unmanaged account --1. Go to **Users** > **Active users** for the account you joined in Step 2, and then select the Display name for the username you're logged in with. --1. Under **Username**, select **Manage username**, and move the user to the onmicrosoft domain by choosing the onmicrosoft.com domain from the dropdown list. --1. Sign out of the account and sign back in using the new `username@account.onmicrosoft.com`. --1. Select **Settings** > **Domains**, locate the domain you want to add to the other account and select **Remove domain**. -- If you're asked to select another domain as the default, choose the onmicrosoft.com domain. -- If other users are using the domain, you must remove them. Choose from the options to **Automatically remove**, manually move the users to your domain, or remove the users completely. -- > [!NOTE] - > Check back as it can take some time for the domain to be removed from the account. Removal is complete when the domain disappears from the account. --1. Sign out of the account. --## Step 5: Add the domain to your account --1. Log in to the account where you want to add the domain. --1. Select **Settings** > **Domains** > **+ Add domain**, and then enter the domain name to continue with wizard steps to verify domain ownership in this account and complete adding the domain to your account. - -## Related content --[Perform an internal admin takeover](become-the-admin.md) (article) |
admin | Sign Up For Online Services | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/sign-up-for-online-services.md | - Title: "Your domain may be in use if someone else signed up with it"-- NOCSH-------- M365-subscription-management -- Adm_O365-- Adm_NonTOC--- BCS160-- MET150-- MOE150 -description: "Learn to use work or school email to sign up for Microsoft online services without involving their IT department. " ---# Your domain may be in use if someone else signed up with it --Users with a work or school email can [sign up for some Microsoft online services](self-service-sign-up.md) without involving their IT department. For example, services like Office 365, Power BI, and Rights Management Services. By completing self-service signup, which they do by providing their work or school email address, they have access to functionality included in the service but they can't administer the service (add users, add licenses, manage the domain, and so on). - -To get the ability to administer the environment, an eligible admin can [take over control of the account](become-the-admin.md). They do this by verifying that they own the domain that was included in the work or school email addresses people used when they signed up and, in some cases, buying licenses for the service. - -## How does the self-service signup work? -- When someone signs up using a work or school-related email address, such as sara@contoso.com, the domain portion of that email address (contoso.com, in this example) is used as their Office 365 domain name. - -All other users who sign up with an email address on that same domain (say, rob@contoso.com) are added to the same account. - -Both Sara and Rob can use the service they signed up for, but they can't manage the service. For example, they can't purchase more licenses, add new users, or enforce policies on other users. - - |
admin | Sign Up With A Personal Email Address | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/sign-up-with-a-personal-email-address.md | - Title: "Signing up for Office 365 with a personal email address"-- NOCSH-------- highpri-- Adm_O365-- Adm_NonTOC--- VSBFY23-- AdminSurgePortfolio-- MET150-- MOE150- -description: "Learn how to sign up for Office 365 with your personal email address, if you don't prefer to add a custom domain. " ---# Signing up for Office 365 with a personal email address --## When you skip adding a custom domain ---When you sign up for Office 365 with your personal email address and skip adding [a custom domain](../get-help-with-domains/what-is-a-domain.md) for now, you limit your access to certain features. --If you choose to add a custom domain now, you get access to all the premium features below: --|**Feature**|**Office 365 with personal email**|**Office 365 with custom domain**| -|:--|:--|:--| -|**OneDrive <sup>1, 2</sup>**| [Personal OneDrive](https://onedrive.live.com/about/plans/)| [OneDrive for Business](https://onedrive.live.com/about/en-us/business/) | -|**Office applications: Word, Excel, PowerPoint, OneNote, Outlook, Access (PC only),**| Yes | Yes -|**Business applications <sup>3</sup> : Microsoft Bookings and MileIQ**| No | Yes -|**Access to Microsoft 365 admin center**| Limited Access (Billing, Support, and Domain setup) | Yes -|**Add Users**| No | Yes -|**Office 365 -|**Security and Compliance tools**| No | Yes --> <sup>1</sup> You'll need to migrate your [Personal OneDrive files over to OneDrive for Business](move-email-and-data-to-office-365-business-premium.md).<br/> -> <sup>2</sup> For information on how your data will be handled, see the [Privacy Statement](https://g.microsoftonline.com/0BX20en/138). Use of OneDrive is governed by the [Microsoft Services Agreement](https://signup.live.com/signup?ru=https://login.live.com/oauth20_authorize.srf?lc%3d1033%26response_type%3dcode%26client_id%3d51483342-085c-4d86-bf88-cf50c7252078%26scope%3dopenid%2bprofile%2bemail%2boffline_access%26response_mode%3dform_post%26redirect_uri%3dhttps://login.microsoftonline.com/common/federation/oauth2%26state%3drQIIAXWRO2_TUACFc_NSUyGoEBKVEFIHJCSQk-vrR-JIHdLWSdPGaR426TVDZCeO7TjX17Ld5rGzd47EwgLqyFLED2DolBFVMIOYEBMjaXeWM5zvDEfnvEixebb8jOd4wSiaEiMZIsfwEgsZg0ciwwmcyCHIDgXIhQ83t64-PP_-ZvtGvnr04-uX8yedJcj1J-65lR9QcgkeO3EcROVCYTqd5ulo5A7uQOETACsAfgKwTGYsn9G6l8lI5EReYIWSCDmuJIhIKuYxkae6OiT6WIkx6nhNF0K80McN1eYVtR0rB56goKqD1YqgE5lde3wTVb071pOh3oWwSapuo3fkKKS-9vAcIwzx2JlgtT67ST44qZzFDroVGroL608yN6Ih6Qc0ipep9-AksPz6cJ_6vjWI87cxy4_dgRG71G-FNLDC2LWiXbOrtHuKZ7W0_nlgtvwOPZYJU-_7HsIYmWhPY2XSOz2WGh27PzY0ElRHbXgoOqo-N0Rq8KpNTbuzPy_CU1k7VJslRgtmc143vS6vwBrlup0SrYa-ViPzOdNTJHl_OGAachhVhnsz9WMqu56VUP86dX9dyneHO0FIR-7EWqXBr_Q9mCpvbGxuJbYTO4m_afAus36u-1qsZVblo7ffELCfgsR1pkCw8yps8Mh7SaJJaTGxXQU6MB7jakM_iyYHLQVJbRya07a9K5XZiyy4yGZ_ZxOfc_87-h81%26estsfed%3d1%26uaid%3ddd27a8b7188545dab714e7d8c6761b52%26lw%3d1%26fl%3deasi2%26mkt%3den-US&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=51483342-085c-4d86-bf88-cf50c7252078&uaid=dd27a8b7188545dab714e7d8c6761b52&lic=1). The [Microsoft Online Subscription Agreement](https://admin.microsoft.com/Commerce/Mosa.aspx?cc2=US&cl=en&cc=en-US&gcc=False) governs all the other services included with your subscription.<br/> -> <sup>3</sup> Some business applications aren't available in all regions.<br/> --## How to add a domain --In the admin center, go to **Setup** > <a href="https://go.microsoft.com/fwlink/p/?linkid=834818" target="_blank">Domains</a> > **Add domain**. --- |
admin | Install Applications | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/install-applications.md | |
admin | O365 Setup Wizard And Setup Page | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/o365-setup-wizard-and-setup-page.md | - Title: "Difference between the setup wizard and the Setup page"-- NOCSH-------- M365-subscription-management-- Adm_O365-- Adm_TOC-- Adm_O365_Setup--- MET150-- MOE150-- BEA160 -description: "Learn the difference between the setup wizard and the Setup page." ---# Difference between the setup wizard and the Setup page --Microsoft 365 provides two setup experiences: --- Initial setup using the setup wizard-- Ongoing and advanced setup using the **Setup** page--The setup wizard provides a guided walkthrough for setting up the basic Microsoft 365 configuration. After you complete the initial setup, you can go to the **Setup** page to finish setting up and configuring the services that come with your subscriptions. --## Use the setup wizard to complete initial setup tasks --To set up your account, go to the [admin center](https://go.microsoft.com/fwlink/p/?linkid=2024339), select **Setup** in the left navigation pane, and then select **Guided setup** on the **Setup** page. --![Start the Microsoft 365 Apps for business setup wizard.](../../media/o365b-guided-setup.png) --The setup wizard guides you through the following steps: --1. Install the Microsoft 365 apps on your computer. --2. Choose and verify your domain, such as contoso.com. --3. Add new users and assign licenses to them so that they can download and install Microsoft 365 apps. --4. Connect your domain. --## Use the Setup page to complete and manage your configuration --To access the **Setup** page in the [admin center](https://go.microsoft.com/fwlink/p/?linkid=2024339), select **Setup** in the navigation pane. Based on products you've purchased, features you've set up, and your admin role, tasks and related information from across Microsoft 365 are surfaced here. --You'll see the complete list of setup tasks arranged in logical categories, including those that you completed in the setup wizard. --![Microsoft 365 for business Setup page.](../../media/o365b-setup-page.png) --Choose **View** for any task to get at-a-glance information, such as task description, user impact, prerequisites, effort to implement, and security and adoption statistics to help you understand consequences and impact before proceeding. --You'll also see the status of the task (**Started**, **Not started yet**, or **Completed**). If you're multi-tasking, working on tasks over several days, or if there are multiple admins working on tasks, you can track completion by seeing at a glance which tasks have been completed and which ones still require attention. --For access to comprehensive articles about the features you're setting up, select any of the **Learn more** links. The collection of tasks is always here, so you can return to the **Setup** page at any time to explore resources further. --When you're ready to complete a task, select **Get started** to walk through the configuration process. Once you complete a task, the **Get started** button changes to a **Manage** button, allowing you to manage the task, as needed. --![Task view showing at-a-glance information.](../../media/o365b-at-a-glance.png) |
compliance | Acknowledge Hold Notification | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/acknowledge-hold-notification.md | Title: "Acknowledge a hold notification" +description: Learn how to use eDiscovery (Premium) to send and follow up on legal hold notifications through email, as well as monitor obligation status. f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 ms.assetid: - seo-marvel-apr2020-description: Learn how to use eDiscovery (Premium) to send and follow up on legal hold notifications through email, as well as monitor obligation status. # Acknowledge a hold notification |
compliance | Add Custodians To Case | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-custodians-to-case.md | Title: Add custodians to an eDiscovery (Premium) case +description: "Learn how to use the built-in custodian management tool in Microsoft Purview eDiscovery (Premium) to coordinate your workflows and identify relevant data sources in a case." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 ms.assetid: -description: "Learn how to use the built-in custodian management tool in Microsoft Purview eDiscovery (Premium) to coordinate your workflows and identify relevant data sources in a case." |
compliance | Add Data To Review Set From Another Review Set | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-data-to-review-set-from-another-review-set.md | Title: "Add data from one review set to another" +description: "Learn how to select documents from one review set and work with them individually in another set in an Microsoft Purview eDiscovery (Premium) case." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Learn how to select documents from one review set and work with them individually in another set in an Microsoft Purview eDiscovery (Premium) case." - seo-marvel-mar2020 - seo-marvel-apr2020 |
compliance | Add Data To Review Set | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-data-to-review-set.md | Title: "Add search results to a review set" +description: Learn how to add search results or samples of those search results to an eDiscovery (Premium) case review set f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: Learn how to add search results or samples of those search results to an eDiscovery (Premium) case review set. # Add search results to a review set |
compliance | Add Or Remove Members From A Case In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-or-remove-members-from-a-case-in-advanced-ediscovery.md | Title: "Add or remove members from a case" +description: "Learn how to add or remove the members who can access a case when managing an eDiscovery (Premium) case." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Learn how to add or remove the members who can access a case when managing an eDiscovery (Premium) case." # Add or remove members from a case |
compliance | Advanced Audit | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-audit.md | Title: "Microsoft Purview Audit (Premium)" +description: "Microsoft Purview Audit (Premium) provides new auditing capabilities to help your organization with forensic and compliance investigations." f1.keywords: - NOCSH +- tier1 - M365-security-compliance-- SPO_Content - m365solution-audit-- m365initiative-compliance+- audit search.appverid: - MOE150 - MET150-description: "Microsoft Purview Audit (Premium) provides new auditing capabilities to help your organization with forensic and compliance investigations." # Microsoft Purview Audit (Premium) |
compliance | Advanced Ediscovery Cloud Attachments | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-cloud-attachments.md | Title: "Collect cloud attachments in eDiscovery (Premium)" +description: "Use collections in Microsoft Purview eDiscovery (Premium) to collect cloud attachments for review in an investigation or case." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Use collections in Microsoft Purview eDiscovery (Premium) to collect cloud attachments for review in an investigation or case." # Collect cloud attachments in Microsoft Purview eDiscovery (Premium) |
compliance | Advanced Ediscovery Communications Library | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-communications-library.md | Title: "Manage custodian communications templates in the Communications library in eDiscovery (Premium)" +description: "You can add custodian communications templates (such as a template for hold notification) in eDiscovery (Premium) so they can be used in any case in your organization." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "You can add custodian communications templates (such as a template for hold notification) in eDiscovery (Premium) so they can be used in any case in your organization." # Manage custodian communications templates in eDiscovery (Premium) |
compliance | Advanced Ediscovery Dashboard | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-dashboard.md | Title: "eDiscovery (Premium) dashboard for review sets" +description: "Use the Microsoft Purview eDiscovery (Premium) dashboard for review sets to quickly analyze your corpus to identify trends or key statistics that will help you develop your review strategy." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Use the Microsoft Purview eDiscovery (Premium) dashboard for review sets to quickly analyze your corpus to identify trends or key statistics that will help you develop your review strategy." # eDiscovery (Premium) dashboard for review sets |
compliance | Advanced Ediscovery Historical Versions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-historical-versions.md | Title: "Set up historical versions in eDiscovery (Premium)" +description: "Use historical versions in eDiscovery (Premium) to collect content from all versions of documents stored in SharePoint and OneDrive." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Use historical versions in eDiscovery (Premium) to collect content from all versions of documents stored in SharePoint and OneDrive." # Set up historical versions in eDiscovery (Premium) (preview) |
compliance | Advanced Ediscovery Issuing Officers | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-issuing-officers.md | Title: "Manage issuing officers in eDiscovery (Premium)" +description: "You can add organization-wide issuing officers in eDiscovery (Premium) so they can be added to any custodial communication in any case in your organization." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "You can add organization-wide issuing officers in eDiscovery (Premium) so they can be added to any custodial communication in any case in your organization." # Manage issuing officers in eDiscovery (Premium) |
compliance | Advanced Ediscovery New Case Format | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-new-case-format.md | Title: "New case format in eDiscovery (Premium)" +description: "Use the new case format in eDiscovery (Premium) so you can add more items to review sets and take advantage of other increased limits and new functionality." f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Use the new case format in eDiscovery (Premium) so you can add more items to review sets and take advantage of other increased limits and new functionality." # Use the new case format in eDiscovery (Premium) |
compliance | Alert Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/alert-policies.md | +- tier1 - M365-security-compliance search.appverid: - MET150 |
compliance | Analyzing Data In Review Set | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/analyzing-data-in-review-set.md | Title: "Analyze data in a review set in eDiscovery (Premium)" +description: Learn about the tools available to organize document sets when analyzing an Microsoft Purview eDiscovery (Premium) case. f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150--description: Learn about the tools available to organize document sets when analyzing an Microsoft Purview eDiscovery (Premium) case. |
compliance | Apply Retention Labels Automatically | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/apply-retention-labels-automatically.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Apply Sensitivity Label Automatically | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/apply-sensitivity-label-automatically.md | Last updated ms.localizationpriority: high - M365-security-compliance+- tier1 search.appverid: |
compliance | Archive 17A 4 Blackberry Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-blackberry-data.md | Title: "Set up a connector to archive BlackBerry data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 BlackBerry DataParser connector to import and archive BlackBerry data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 BlackBerry DataParser connector to import and archive BlackBerry data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive BlackBerry data |
compliance | Archive 17A 4 Bloomberg Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-bloomberg-data.md | Title: "Set up a connector to archive Bloomberg data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 Bloomberg DataParser connector to import and archive Bloomberg data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 Bloomberg DataParser connector to import and archive Bloomberg data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Bloomberg data |
compliance | Archive 17A 4 Cisco Jabber Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-cisco-jabber-data.md | Title: "Set up a connector to archive Cisco Jabber data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 Cisco Jabber DataParser connector to import and archive Cisco Jabber data in Microsoft 365." f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 Cisco Jabber DataParser connector to import and archive Cisco Jabber data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Cisco Jabber data |
compliance | Archive 17A 4 Factset Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-factset-data.md | Title: "Set up a connector to archive FactSet data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 FactSet DataParser connector to import and archive FactSet data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 FactSet DataParser connector to import and archive FactSet data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive FactSet data |
compliance | Archive 17A 4 Fuze Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-fuze-data.md | Title: "Set up a connector to archive Fuze data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 Fuze DataParser connector to import and archive Fuze data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 Fuze DataParser connector to import and archive Fuze data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Fuze data |
compliance | Archive 17A 4 Fxconnect Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-fxconnect-data.md | Title: "Set up a 17a-4 DataParser connector to archive FX Connect data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 FX Connect DataParser connector to import and archive FX Connect data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 FX Connect DataParser connector to import and archive FX Connect data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive data from FX Connect |
compliance | Archive 17A 4 Ice Im Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-ice-im-data.md | Title: "Set up a connector to archive ICE Connect Chat data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 ICE Connect Chat DataParser connector to import and archive ICE Connect Chat data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 ICE Connect Chat DataParser connector to import and archive ICE Connect Chat data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive ICE Connect Chat data |
compliance | Archive 17A 4 Investedge Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-investedge-data.md | Title: "Set up a connector to archive InvestEdge data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 InvestEdge DataParser connector to import and archive InvestEdge data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 InvestEdge DataParser connector to import and archive InvestEdge data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive InvestEdge data |
compliance | Archive 17A 4 Liveperson Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-liveperson-data.md | Title: "Set up a connector to archive LivePerson Conversational Cloud data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 LivePerson Conversational Cloud DataParser connector to import and archive LivePerson Conversational Cloud data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 LivePerson Conversational Cloud DataParser connector to import and archive LivePerson Conversational Cloud data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive LivePerson Conversational Cloud data |
compliance | Archive 17A 4 Quip Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-quip-data.md | Title: "Set up a connector to archive Quip data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 Quip DataParser connector to import and archive Quip data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 Quip DataParser connector to import and archive Quip data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Quip data |
compliance | Archive 17A 4 Refinitiv Messenger Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-refinitiv-messenger-data.md | Title: "Set up a connector to archive Refinitiv Eikon Messenger data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 Refinitiv Eikon Messenger DataParser connector to import and archive this data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 Refinitiv Eikon Messenger DataParser connector to import and archive this data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Refinitiv Eikon Messenger data |
compliance | Archive 17A 4 Servicenow Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-servicenow-data.md | Title: "Set up a connector to archive ServiceNow 17a-4 DataParser data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 ServiceNow DataParser connector to import and archive ServiceNow data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 ServiceNow DataParser connector to import and archive ServiceNow data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive data from ServiceNow |
compliance | Archive 17A 4 Skype For Business Server Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-skype-for-business-server-data.md | Title: "Set up a connector to archive Skype for Business Server data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 Skype for Business Server DataParser connector to import and archive Skype for Business Server data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 Skype for Business Server DataParser connector to import and archive Skype for Business Server data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Skype for Business Server data |
compliance | Archive 17A 4 Slack Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-slack-data.md | Title: "Set up a connector to archive Slack data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 Slack DataParser connector to import and archive Slack data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 Slack DataParser connector to import and archive Slack data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Slack data |
compliance | Archive 17A 4 Sql Database Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-sql-database-data.md | Title: "Set up a connector to archive SQL data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 SQL DataParser connector to import and archive SQL data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 SQL DataParser connector to import and archive SQL data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive SQL data |
compliance | Archive 17A 4 Symphony Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-symphony-data.md | Title: "Set up a Symphony DataParser connector to archive data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 Symphony DataParser connector to import and archive Symphony data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 Symphony DataParser connector to import and archive Symphony data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive data from Symphony |
compliance | Archive 17A 4 Webex Teams Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-webex-teams-data.md | Title: "Set up a connector to archive Cisco Webex data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 Cisco Webex DataParser connector to import and archive Cisco Webex data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 Cisco Webex DataParser connector to import and archive Cisco Webex data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Cisco Webex data |
compliance | Archive 17A 4 Zoom Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-zoom-data.md | Title: "Set up a connector to archive Zoom data in Microsoft 365" +description: "Learn how to set up and use a 17a-4 Zoom DataParser connector to import and archive Zoom data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a 17a-4 Zoom DataParser connector to import and archive Zoom data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Zoom data |
compliance | Archive Android Archiver Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-android-archiver-data.md | Title: "Set up a connector to archive Android mobile data" +description: "Admins can set up a TeleMessage connector to import and archive SMS, MMS, and voice calls from Android mobile phones. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a TeleMessage connector to import and archive SMS, MMS, and voice calls from Android mobile phones. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Android mobile data |
compliance | Archive Att Network Archiver Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-att-network-archiver-data.md | Title: "Set up a connector to archive AT&T SMS/MMS Network data" +description: "Admins can set up a TeleMessage connector to import and archive SMS and MMS data from the AT&T Mobile Network. This lets you archive data from third-party data sources in Microsoft Purview so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a TeleMessage connector to import and archive SMS and MMS data from the AT&T Mobile Network. This lets you archive data from third-party data sources in Microsoft Purview so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive AT&T SMS/MMS data |
compliance | Archive Bell Network Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-bell-network-data.md | Title: "Set up a connector to archive Bell SMS/MMS Network data" +description: "Admins can set up a TeleMessage connector to import and archive SMS and MMS data from the Bell Network. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a TeleMessage connector to import and archive SMS and MMS data from the Bell Network. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Bell Network data |
compliance | Archive Bloomberg Message Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-bloomberg-message-data.md | Title: "Set up a connector to archive Bloomberg Message data" +description: "Administrators can set up a data connector to import and archive data from the Bloomberg Message email tool in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, Content Search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Administrators can set up a data connector to import and archive data from the Bloomberg Message email tool in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, Content Search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Bloomberg Message data |
compliance | Archive Celltrust Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-celltrust-data.md | Title: "Set up a connector to archive CellTrust data in Microsoft 365" +description: "Admins can set up a connector to import and archive CellTrust data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive CellTrust data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive CellTrust data |
compliance | Archive Ciscojabberonmssql Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ciscojabberonmssql-data.md | Title: "Set up a connector to archive Cisco Jabber on MS SQL data in Microsoft 365" +description: "Admins can set up a connector to import and archive Cisco Jabber on MS SQL data from Veritas in Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive Cisco Jabber on MS SQL data from Veritas in Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Cisco Jabber on MS SQL data |
compliance | Archive Ciscojabberonoracle Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ciscojabberonoracle-data.md | Title: "Set up a connector to archive Cisco Jabber on Oracle data in Microsoft 365" +description: "Learn how to set up and use a connector in the Microsoft Purview compliance portal to import and archive data from Cisco Jabber on Oracle to Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a connector in the Microsoft Purview compliance portal to import and archive data from Cisco Jabber on Oracle to Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Cisco Jabber on Oracle data |
compliance | Archive Ciscojabberonpostgresql Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ciscojabberonpostgresql-data.md | Title: "Set up a connector to archive Cisco Jabber on PostgreSQL data in Microsoft 365" +description: "Learn how to set up and use a connector in the Microsoft Purview compliance portal to import and archive data from Cisco Jabber on PostgreSQL to Microsoft 365." f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- data-connectors -description: "Learn how to set up and use a connector in the Microsoft Purview compliance portal to import and archive data from Cisco Jabber on PostgreSQL to Microsoft 365." # Set up a connector to archive Cisco Jabber on PostgreSQL data |
compliance | Archive Data From Celltrustsl2 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-data-from-celltrustsl2.md | Title: "Archive data from the CellTrust SL2 platform to Microsoft 365" +description: "Learn how to set up and use a CellTrust SL2 data connector to import and archive mobile communications data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a CellTrust SL2 data connector to import and archive mobile communications data." ++- tier1 +- M365-security-compliance +- data-connectors # Archive data from CellTrust SL2 to Microsoft 365 The first step is to create a data connector in the compliance portal. 2. On the **Overview** tab, click **Filter** and select **By CellTrust**, and then apply the filter. - ![Configure filter to display CellTrust connectors.](../media/DataConnectorsFilter.png) + ![Configure filter to display CellTrust connectors.](../media/dataconnectorsFilter.png) 3. Click **CellTrust SL2 (preview)**. |
compliance | Archive Eml Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-eml-data.md | Title: "Set up a connector to archive EML data in Microsoft 365" +description: "Admins can set up a connector to import and archive EML data from Veritas into Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive EML data from Veritas into Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive EML data |
compliance | Archive Enterprise Number Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-enterprise-number-data.md | Title: "Set up a connector to archive data from the TeleMessage Enterprise Number Archiver" +description: "Admins can set up a connector to import and archive SMS and MMS data from TeleMessage Enterprise Number Archiver. This lets you archive data from third-party data sources in Microsoft Purview so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive SMS and MMS data from TeleMessage Enterprise Number Archiver. This lets you archive data from third-party data sources in Microsoft Purview so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Enterprise Number data |
compliance | Archive Facebook Data With Sample Connector | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-facebook-data-with-sample-connector.md | Title: "Set up a connector to archive Facebook data" +description: "Learn how to set up & use a connector in the Microsoft Purview compliance portal to import & archive data from Facebook Business pages to Microsoft 365." f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- data-connectors -description: "Learn how to set up & use a connector in the Microsoft Purview compliance portal to import & archive data from Facebook Business pages to Microsoft 365." # Set up a connector to archive Facebook data (preview) |
compliance | Archive Fxconnect Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-fxconnect-data.md | Title: "Set up a connector to archive FX Connect data in Microsoft 365" +description: "Admins can set up a connector to import and archive data from Veritas FX Connect in Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive data from Veritas FX Connect in Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive FX Connect data |
compliance | Archive Icechat Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-icechat-data.md | Title: "Set up a connector to archive ICE Chat data" +description: "Admins can set up a connector to import and archive data from the ICE Chat tool into Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive data from the ICE Chat tool into Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive ICE Chat data |
compliance | Archive Instant Bloomberg Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-instant-bloomberg-data.md | Title: "Set up a connector to archive Instant Bloomberg data" +description: "Learn how administrators can set up and use a data connector to import and archive data from the Instant Bloomberg chat tool into Microsoft 365." f1.keywords: - NOCSH -description: "Learn how administrators can set up and use a data connector to import and archive data from the Instant Bloomberg chat tool into Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Instant Bloomberg data |
compliance | Archive Linkedin Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-linkedin-data.md | Title: "Set up a connector to archive LinkedIn data" +description: "Learn how administrators can setup & use a native connector to import data from a LinkedIn Company Page to Microsoft 365." f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- data-connectors -description: "Learn how administrators can setup & use a native connector to import data from a LinkedIn Company Page to Microsoft 365." # Set up a connector to archive LinkedIn data |
compliance | Archive Mailboxes | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-mailboxes.md | f1_keywords: ms.localizationpriority: high -- Strat_O365_IP - M365-security-compliance+- tier1 description: "Learn about archive mailboxes to provide extra mailbox storage." |
compliance | Archive Mssqldatabaseimporter Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-mssqldatabaseimporter-data.md | Title: "Set up a connector to archive data from MS SQL Database" +description: "Admins can set up a connector to import and archive data from MS SQL Database. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive data from MS SQL Database. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive data from MS SQL Database |
compliance | Archive O2 Network Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-o2-network-data.md | Title: "Set up a connector to archive O2 Network data in Microsoft 365" +description: "Admins can set up a TeleMessage connector to import and archive SMS and MMS data from the O2 mobile network in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a TeleMessage connector to import and archive SMS and MMS data from the O2 mobile network in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive O2 Network data |
compliance | Archive Redtailspeak Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-redtailspeak-data.md | Title: "Set up a connector to archive Red tail Speak data in Microsoft 365" +description: "Admins can set up a connector to import and archive Red tail Speak data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive Red tail Speak data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Redtail Speak data |
compliance | Archive Reutersdealing Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-reutersdealing-data.md | Title: "Set up a connector to archive Reuters Dealing data in Microsoft 365" +description: "Admins can set up a connector to import and archive Reuters Dealing data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive Reuters Dealing data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Reuters Dealing data |
compliance | Archive Reuterseikon Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-reuterseikon-data.md | Title: "Set up a connector to archive Reuters Eikon data in Microsoft 365" +description: "Admins can set up a connector to import and archive Reuters Eikon data from Veritas in Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive Reuters Eikon data from Veritas in Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Reuters Eikon data |
compliance | Archive Reutersfx Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-reutersfx-data.md | Title: "Set up a connector to archive Reuters FX data in Microsoft 365" +description: "Admins can set up a connector to import and archive Reuters FX data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive Reuters FX data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Reuters FX data |
compliance | Archive Ringcentral Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ringcentral-data.md | Title: "Set up a connector to archive RingCentral data in Microsoft 365" +description: "Admins can set up a connector to import and archive RingCentral data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, eDiscovery, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive RingCentral data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, eDiscovery, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive RingCentral data |
compliance | Archive Rogers Network Archiver Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-rogers-network-archiver-data.md | Title: "Set up a connector to archive Rogers Network data in Microsoft 365" +description: "Admins can set up a TeleMessage connector to import and archive Rogers Network data in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a TeleMessage connector to import and archive Rogers Network data in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Rogers Network data |
compliance | Archive Salesforcechatter Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-salesforcechatter-data.md | Title: "Set up a connector to archive Salesforce Chatter data in Microsoft 365" +description: "Admins can set up a connector to import and archive Salesforce Chatter data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive Salesforce Chatter data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Salesforce Chatter data |
compliance | Archive Servicenow Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-servicenow-data.md | Title: "Set up a connector to archive ServiceNow data in Microsoft 365" +description: "Admins can set up a connector to import and archive ServiceNow data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive ServiceNow data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive ServiceNow data |
compliance | Archive Signal Archiver Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-signal-archiver-data.md | Title: "Set up a connector to archive Signal communications data in Microsoft 365" +description: "Admins can set up a TeleMessage connector to import and archive Signal communications data in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a TeleMessage connector to import and archive Signal communications data in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Signal communications data |
compliance | Archive Skypeforbusiness Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-skypeforbusiness-data.md | Title: "Set up a connector to archive Skype for Business data in Microsoft 365" +description: "Learn how to set up and use a connector in the Microsoft Purview compliance portal to import and archive data from Skype for Business to Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a connector in the Microsoft Purview compliance portal to import and archive data from Skype for Business to Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Skype for Business data |
compliance | Archive Slack Data Microsoft | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-slack-data-microsoft.md | Title: "Archive Slack eDiscovery data to Microsoft 365 using a data connector provided by Microsoft" +description: "Learn how to set up and use a Slack eDiscovery data connector provided by Microsoft to import and archive instant messaging data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Learn how to set up and use a Slack eDiscovery data connector provided by Microsoft to import and archive instant messaging data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Slack eDiscovery data (preview) |
compliance | Archive Slack Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-slack-data.md | Title: "Set up a connector to archive Slack eDiscovery data in Microsoft 365" +description: "Admins can set up a connector to import and archive data from Veritas Slack eDiscovery into Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive data from Veritas Slack eDiscovery into Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Slack eDiscovery data |
compliance | Archive Symphony Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-symphony-data.md | Title: "Set up a connector to archive Symphony data in Microsoft 365" +description: "Admins can set up a connector to import and archive data from Veritas Symphony into Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive data from Veritas Symphony into Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Symphony data |
compliance | Archive Telegram Archiver Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-telegram-archiver-data.md | Title: "Set up a connector to archive Telegram communications data in Microsoft 365" +description: "Admins can set up a TeleMessage connector to import and archive Telegram communications data in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a TeleMessage connector to import and archive Telegram communications data in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Telegram communications data |
compliance | Archive Telus Network Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-telus-network-data.md | Title: "Set up a connector to archive TELUS Network data in Microsoft 365" +description: "Admins can set up a TeleMessage connector to import and archive SMS data from the TELUS Network in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a TeleMessage connector to import and archive SMS data from the TELUS Network in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive TELUS Network data |
compliance | Archive Text Delimited Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-text-delimited-data.md | Title: "Set up a connector to archive text-delimited data in Microsoft 365" +description: "Admins can set up a connector to import and archive text-delimited data from Veritas into Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive text-delimited data from Veritas into Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive text-delimited data |
compliance | Archive Twitter Data With Sample Connector | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-twitter-data-with-sample-connector.md | Title: "Set up a connector to archive Twitter data" +description: "Learn how administrators can set up and use a native connector to import Twitter data into Microsoft 365." f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- data-connectors -description: "Learn how administrators can set up and use a native connector to import Twitter data into Microsoft 365." # Set up a Microsoft connector to archive Twitter data (preview) |
compliance | Archive Veritas Twitter Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-veritas-twitter-data.md | Title: "Set up a connector to archive Twitter data in Microsoft 365" +description: "Admins can set up a connector to import and archive Twitter data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, eDiscovery, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive Twitter data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, eDiscovery, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Twitter data (preview) |
compliance | Archive Verizon Network Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-verizon-network-data.md | Title: "Set up a connector to archive Verizon Network data in Microsoft 365" +description: "Admins can set up a TeleMessage connector to import and archive SMS and MMS data from the Verizon Network in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a TeleMessage connector to import and archive SMS and MMS data from the Verizon Network in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Verizon Network data |
compliance | Archive Webexteams Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-webexteams-data.md | Title: "Set up a connector to Webex Teams data in Microsoft 365" +description: "Admins can set up a connector to import and archive data from Veritas's Webex Teams connector in Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive data from Veritas's Webex Teams connector in Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Webex Teams data |
compliance | Archive Webpagecapture Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-webpagecapture-data.md | Title: "Set up a connector to archive webpage data in Microsoft 365" +description: "Admins can set up a connector to import and archive Webpage Capture data from Veritas in Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive Webpage Capture data from Veritas in Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive webpage data |
compliance | Archive Wechat Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-wechat-data.md | Title: "Set up a connector to archive WeChat data in Microsoft 365" +description: "Set up and use a connector in the Microsoft Purview compliance portal to import and archive WeChat data in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Set up and use a connector in the Microsoft Purview compliance portal to import and archive WeChat data in Microsoft 365." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive WeChat data |
compliance | Archive Whatsapp Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-whatsapp-data.md | Title: "Set up a connector to archive WhatsApp data in Microsoft 365" +description: "Admins can set up a TeleMessage connector to import and archive WhatsApp data in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a TeleMessage connector to import and archive WhatsApp data in Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive WhatsApp data |
compliance | Archive Workplacefromfacebook Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-workplacefromfacebook-data.md | Title: "Set up a connector to archive Workplace from Facebook data in Microsoft 365" +description: "Admins can set up a connector to import and archive data from Workplace from Facebook, which is archived on Veritas's Merge1 site, into Microsoft 365. Setting up a connector requires that you work with Veritas This connector lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive data from Workplace from Facebook, which is archived on Veritas's Merge1 site, into Microsoft 365. Setting up a connector requires that you work with Veritas This connector lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Workplace from Facebook data |
compliance | Archive Xip Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-xip-data.md | Title: "Set up a connector to archive XIP source data in Microsoft 365" +description: "Admins can set up a connector to import and archive XIP source data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive XIP source data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive XIP source data |
compliance | Archive Xslt Xml Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-xslt-xml-data.md | Title: "Set up a connector to archive XSLT/XML data in Microsoft 365" +description: "Admins can set up a connector to import and archive XSLT/XML data from Veritas in Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive XSLT/XML data from Veritas in Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive XSLT/XML data |
compliance | Archive Yieldbroker Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-yieldbroker-data.md | Title: "Set up a connector to archive Yieldbroker data in Microsoft 365" +description: "Admins can set up a connector to import and archive Yieldbroker data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive Yieldbroker data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, content search, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Yieldbroker data |
compliance | Archive Youtube Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-youtube-data.md | Title: "Set up a connector to archive YouTube data in Microsoft 365" +description: "Admins can set up a connector to import and archive YouTube data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, eDiscovery, and retention policies to manage third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive YouTube data from Veritas to Microsoft 365. This connector lets you archive data from third-party data sources in Microsoft 365. After your archive this data, you can use compliance features such as legal hold, eDiscovery, and retention policies to manage third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive YouTube data |
compliance | Archive Zoommeetings Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-zoommeetings-data.md | Title: "Set up a connector to archive Zoom Meetings data in Microsoft 365" +description: "Admins can set up a connector to import and archive data from Veritas Zoom Meetings into Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--description: "Admins can set up a connector to import and archive data from Veritas Zoom Meetings into Microsoft 365. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to archive Zoom Meetings data |
compliance | Archiving Third Party Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archiving-third-party-data.md | Title: "Use data connectors to import and archive third-party data in Microsoft 365" +description: "Learn how to import and archive third-party data from social media platforms, instant messaging platforms, and document collaboration platforms to Microsoft 365 mailboxes." f1.keywords: - NOCSH +- tier1 - M365-security-compliance-- m365initiative-compliance+- data-connectors search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: "Learn how to import and archive third-party data from social media platforms, instant messaging platforms, and document collaboration platforms to Microsoft 365 mailboxes." + # Learn about connectors for third-party data |
compliance | Assessment In Relevance In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/assessment-in-relevance-in-advanced-ediscovery.md | Title: "Understand Assessment in Relevance in eDiscovery (Premium)" +description: "Get an overview of the Assessment stage and its role in determining the richness of issues during Relevance training in Microsoft Purview eDiscovery (Premium)." f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium search.appverid: - MOE150 - MET150-description: "Get an overview of the Assessment stage and its role in determining the richness of issues during Relevance training in Microsoft Purview eDiscovery (Premium)." ++- tier1 +- M365-security-compliance +- ediscovery # Assessment in the Relevance module in eDiscovery (Premium) |
compliance | Assign Ediscovery Permissions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/assign-ediscovery-permissions.md | Title: "Assign eDiscovery permissions in the Microsoft Purview compliance portal" +description: "Assign the permissions required to perform eDiscovery-related tasks using the Microsoft Purview compliance portal." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- ediscovery search.appverid: - MOE150 - MET150-description: "Assign the permissions required to perform eDiscovery-related tasks using the Microsoft Purview compliance portal." - seo-marvel-apr2020 - admindeeplinkCOMPLIANCE |
compliance | Attorney Privilege Detection | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/attorney-privilege-detection.md | Title: "Set up attorney-client privilege detection in eDiscovery (Premium)" +description: "Use the attorney-client privilege detection model to use the machine learning-based detection of privileged content when reviewing content in a Microsoft Purview eDiscovery (Premium) case." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Use the attorney-client privilege detection model to use the machine learning-based detection of privileged content when reviewing content in a Microsoft Purview eDiscovery (Premium) case." # Set up attorney-client privilege detection in eDiscovery (Premium) |
compliance | Audit Log Retention Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/audit-log-retention-policies.md | Title: "Manage audit log retention policies" +description: "Audit log retention policies are part of the new Microsoft Purview Audit (Premium) capabilities. An audit log retention policy lets you specify how long to retain audit logs in your organization." f1.keywords: - NOCSH +- tier1 - M365-security-compliance-- SPO_Content+- audit search.appverid: - MOE150 - MET150-description: "Audit log retention policies are part of the new Microsoft Purview Audit (Premium) capabilities. An audit log retention policy lets you specify how long to retain audit logs in your organization." # Manage audit log retention policies |
compliance | Audit Log Search Script | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/audit-log-search-script.md | Title: "Use a PowerShell script to search the audit log" +description: "Use a PowerShell script that runs the Search-UnifiedAuditLog cmdlet in Exchange Online to search the audit log. This script is optimized to return a large set of audit records each time you run it. The script exports these records to a CSV file that you can view or transform using Power Query in Excel." f1.keywords: - NOCSH +- tier1 - M365-security-compliance+- audit search.appverid: - MOE150 - MET150 - seo-marvel-apr2020 - admindeeplinkEXCHANGE-description: "Use a PowerShell script that runs the Search-UnifiedAuditLog cmdlet in Exchange Online to search the audit log. This script is optimized to return a large set of audit records each time you run it. The script exports these records to a CSV file that you can view or transform using Power Query in Excel." # Use a PowerShell script to search the audit log |
compliance | Audit New Search | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/audit-new-search.md | Title: "Audit new search" +description: "The Audit New Search validates the performance improvements, completeness, and consistency of results." f1.keywords: - NOCSH +- tier1 - M365-security-compliance+- audit search.appverid: - MOE150 - MET150 - seo-marvel-apr2020 - admindeeplinkEXCHANGE-description: "The Audit New Search validates the performance improvements, completeness, and consistency of results." # Audit New Search (preview) |
compliance | Auditing Solutions Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/auditing-solutions-overview.md | Title: "Microsoft Purview auditing solutions" +description: "Learn how to audit the activities of users and administrators in your Microsoft 365 organization." f1.keywords: - NOCSH +- tier1 - m365-security-compliance - m365solution-audit-- m365initiative-compliance - m365solution-overview+- audit search.appverid: - MOE150 - MET150-description: "Learn how to audit the activities of users and administrators in your Microsoft 365 organization." |
compliance | Auditing Troubleshooting Scenarios | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/auditing-troubleshooting-scenarios.md | Title: "Search the audit log to troubleshoot common scenarios" +description: "Learn how to use the Microsoft 365 audit log search tool to help troubleshoot common support issues for email accounts." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- audit search.appverid: - MET150 - MOE150 - seo-marvel-apr2020 - admindeeplinkEXCHANGE-description: "Learn how to use the Microsoft 365 audit log search tool to help troubleshoot common support issues for email accounts." # Search the audit log to investigate common support issues |
compliance | Auto Apply Retention Labels Scenario | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/auto-apply-retention-labels-scenario.md | +- tier1 - SPO_Content - admindeeplinkCOMPLIANCE |
compliance | Autoexpanding Archiving | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/autoexpanding-archiving.md | +- tier1 search.appverid: - MOE150 - MET150 |
compliance | Building Search Queries | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/building-search-queries.md | Title: Build search queries in eDiscovery (Premium) +description: "Use keywords and conditions to narrow the scope of the search when searching for data using eDiscovery (Premium) in Microsoft 365." f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 -description: "Use keywords and conditions to narrow the scope of the search when searching for data using eDiscovery (Premium) in Microsoft 365." # Build search queries for collections in eDiscovery (Premium) |
compliance | Bulk Add Custodians | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/bulk-add-custodians.md | Title: "Import custodians to an eDiscovery (Premium) case" +description: "Use the bulk-import tool to quickly add multiple custodians and their associated data sources to a case in Microsoft Purview eDiscovery (Premium)." f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 -description: "Use the bulk-import tool to quickly add multiple custodians and their associated data sources to a case in Microsoft Purview eDiscovery (Premium)." # Import custodians to an eDiscovery (Premium) case |
compliance | Bulk Create Publish Labels Using Powershell | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/bulk-create-publish-labels-using-powershell.md | +- tier1 - SPO_Content ms.localizationpriority: high search.appverid: |
compliance | Bulk Import External Contacts | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/bulk-import-external-contacts.md | Title: "Bulk import external contacts to Exchange Online" +description: "Learn how admins can use Exchange Online PowerShell and a CSV file to bulk import external contacts to the global address list." f1.keywords: - NOCSH search.appverid: - MOP150 ms.assetid: bed936bc-0969-4a6d-a7a5-66305c14e958 -description: "Learn how admins can use Exchange Online PowerShell and a CSV file to bulk import external contacts to the global address list." ++- tier1 +- M365-security-compliance +- import # Bulk import external contacts to Exchange Online |
compliance | Change The Hold Duration For An Inactive Mailbox | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/change-the-hold-duration-for-an-inactive-mailbox.md | +- tier2 search.appverid: - MOE150 - MET150 |
compliance | Change The Size Of Pst Files When Exporting Results | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/change-the-size-of-pst-files-when-exporting-results.md | Title: "Change the size of PST files when exporting eDiscovery search results" +description: "You can change the default size of PST files that are downloaded to your computer when you export eDiscovery search results." f1.keywords: - NOCSH ms.localizationpriority: medium search.appverid: - MOE150 - MET150-description: "You can change the default size of PST files that are downloaded to your computer when you export eDiscovery search results." ++- tier1 +- M365-security-compliance +- ediscovery # Change the size of PST files when exporting eDiscovery search results |
compliance | Check Your Content Search Query For Errors | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/check-your-content-search-query-for-errors.md | Title: "Check your search query for errors" +description: "Learn how to detect errors and typos in your keyword query for eDiscovery searches before running the search." f1.keywords: - NOCSH Previously updated : audience: Admin search.appverid: - MET150 ms.assetid: 88898874-e262-4c5c-b6d2-4e697497fc74 -description: "Learn how to detect errors and typos in your keyword query for eDiscovery searches before running the search." ++- tier1 +- M365-security-compliance +- ediscovery # Check your search query for errors |
compliance | Clone A Content Search | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/clone-a-content-search.md | Title: "Clone a Content Search" +description: "Use the PowerShell script in this article to quickly clone an existing Content Search in the Microsoft Purview compliance portal in Microsoft 365." f1.keywords: - NOCSH search.appverid: - MOE150 - MED150 - MET150 - seo-marvel-apr2020-description: "Use the PowerShell script in this article to quickly clone an existing Content Search in the Microsoft Purview compliance portal in Microsoft 365." ++- tier1 +- M365-security-compliance +- content-search # Clone a Content Search |
compliance | Close Or Delete Case | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/close-or-delete-case.md | Title: "Close or delete a case" +description: Learn what happens when an investigation or legal case supported by a Microsoft Purview eDiscovery (Premium) case is closed or deleted. f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: Learn what happens when an investigation or legal case supported by a Microsoft Purview eDiscovery (Premium) case is closed or deleted. |
compliance | Close Reopen Delete Core Ediscovery Cases | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/close-reopen-delete-core-ediscovery-cases.md | Title: "Close, reopen, and delete eDiscovery (Standard) cases" +description: "This article describes how to manage eDiscovery (Standard) cases. This includes closing a case, reopening a closed case, and deleting a case." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MET150-description: "This article describes how to manage eDiscovery (Standard) cases. This includes closing a case, reopening a closed case, and deleting a case." # Close, reopen, and delete a eDiscovery (Standard) case |
compliance | Collection Statistics Reports | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/collection-statistics-reports.md | Title: "Collection statistics and reports" +description: "Learn how to access and use statistics and reports for draft collections and collections that have been committed to a review set in Microsoft Purview eDiscovery (Premium)." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Learn how to access and use statistics and reports for draft collections and collections that have been committed to a review set in Microsoft Purview eDiscovery (Premium)." # Collection statistics and reports in Microsoft Purview eDiscovery (Premium) |
compliance | Collections Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/collections-overview.md | Title: "Overview of collections in eDiscovery (Premium)" +description: "Use collections in eDiscovery (Premium) to search for and collect content that's relative to your case or investigation." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Use collections in eDiscovery (Premium) to search for and collect content that's relative to your case or investigation." + # Learn about collections in eDiscovery (Premium) |
compliance | Commit Draft Collection | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/commit-draft-collection.md | Title: "Commit a draft collection to a review set" +description: "After you create and iterate on a draft collection, you can commit it to a review set. When you commit a draft collection, the collected items are added to review set in the case. After the collected items are in the review set, you can analyze, review, and export them." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "After you create and iterate on a draft collection, you can commit it to a review set. When you commit a draft collection, the collected items are added to review set in the case. After the collected items are in the review set, you can analyze, review, and export them." # Commit a draft collection to a review set in eDiscovery (Premium) |
compliance | Communication Compliance Case Study | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-case-study.md | f1_keywords: ms.localizationpriority: medium -- Strat_O365_IP+- tier1 - M365-security-compliance-- remotework search.appverid: - MET150 - MOE150 |
compliance | Communication Compliance Channels | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-channels.md | f1_keywords: ms.localizationpriority: medium -- Strat_O365_IP+- tier1 - M365-security-compliance search.appverid: - MET150 |
compliance | Communication Compliance Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-configure.md | f1_keywords: ms.localizationpriority: medium -- Strat_O365_IP-- m365-security-compliance+- highpri +- tier1 +- M365-security-compliance - m365solution-insiderrisk-- m365initiative-compliance search.appverid: - MET150 |
compliance | Communication Compliance Investigate Remediate | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-investigate-remediate.md | f1_keywords: ms.localizationpriority: medium -- Strat_O365_IP+- tier1 - M365-security-compliance search.appverid: |
compliance | Communication Compliance Plan | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-plan.md | f1_keywords: ms.localizationpriority: medium -- Strat_O365_IP+- tier1 - M365-security-compliance search.appverid: - MET150 |
compliance | Communication Compliance Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-policies.md | f1_keywords: ms.localizationpriority: medium -- Strat_O365_IP+- tier1 - M365-security-compliance search.appverid: - MET150 |
compliance | Communication Compliance Reports Audits | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-reports-audits.md | f1_keywords: ms.localizationpriority: medium -- Strat_O365_IP+- tier1 - M365-security-compliance search.appverid: - MET150 |
compliance | Communication Compliance Siem | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-siem.md | f1_keywords: ms.localizationpriority: medium -- Strat_O365_IP+- tier1 - M365-security-compliance search.appverid: - MET150 |
compliance | Communication Compliance Solution Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-solution-overview.md | +- tier1 +- M365-security-compliance - m365solution-insiderrisk-- m365initiative-compliance-- m365solution-scenario # Communication compliance |
compliance | Communication Compliance | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance.md | f1_keywords: ms.localizationpriority: medium -- Strat_O365_IP-- m365-security-compliance+- highpri +- tier1 +- M365-security-compliance - m365solution-insiderrisk-- m365initiative-compliance search.appverid: - MET150 - MOE150 |
compliance | Compliance Easy Trials Compliance Playbook | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-easy-trials-compliance-playbook.md | Title: "Microsoft Purview solutions trial playbook" f1.keywords: - NOCSH--++ audience: Admin |
compliance | Compliance Easy Trials | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-easy-trials.md | Title: "About the Microsoft Purview solutions trial" f1.keywords: - NOCSH--++ audience: Admin |
compliance | Compliance Extensibility | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-extensibility.md | Title: "Microsoft Purview extensibility" +description: "Learn about extending Microsoft Purview solutions by using third-party data connectors and Microsoft Graph APIs." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- data-connectors search.appverid: - MOE150-- MET150+- MET150 - seo-marvel-apr2020-description: "Learn about extending Microsoft Purview solutions by using third-party data connectors and Microsoft Graph APIs." # Microsoft Purview and Microsoft Priva extensibility |
compliance | Compliance Quick Tasks | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-quick-tasks.md | +- tier1 - m365-security-compliance-- m365initiative-compliance - admindeeplinkDEFENDER - intro-get-started |
compliance | Configure Edge To Export Search Results | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/configure-edge-to-export-search-results.md | Title: "Use the eDiscovery Export Tool in Microsoft Edge" +description: "You have to enable ClickOnce support to use the newest version of Microsoft Edge to download search results from Content Search and eDiscovery in the security and compliance center." f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "You have to enable ClickOnce support to use the newest version of Microsoft Edge to download search results from Content Search and eDiscovery in the security and compliance center." # Use the eDiscovery Export Tool in Microsoft Edge |
compliance | Configure Search And Analytics Settings In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/configure-search-and-analytics-settings-in-advanced-ediscovery.md | Title: Configure search and analytics settings - eDiscovery (Premium) +description: "Configure Microsoft Purview eDiscovery (Premium) settings that apply to all review set in a case. This includes settings for analytics and Optical character recognition." f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 -description: "Configure Microsoft Purview eDiscovery (Premium) settings that apply to all review set in a case. This includes settings for analytics and Optical character recognition." # Configure search and analytics settings in eDiscovery (Premium) |
compliance | Content Search Reference | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/content-search-reference.md | Title: "Feature reference for Content search" +description: "This article contains reference information about the Content search eDiscovery tool in the Microsoft Purview compliance portal to help you learn the many details about Content search." f1.keywords: - NOCSH +- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MED150 search.appverid: - seo-marvel-apr2020 - admindeeplinkMAC-description: "This article contains reference information about the Content search eDiscovery tool in the Microsoft Purview compliance portal to help you learn the many details about Content search." # Feature reference for Content search |
compliance | Content Search | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/content-search.md | Title: "Create and run a Content search in the Microsoft Purview compliance portal" +description: "Use the Content search eDiscovery tool in the compliance center to search for content in different Microsoft 365 services." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: high--- Strat_O365_IP++- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MED150 search.appverid: - seo-marvel-apr2020 - admindeeplinkCOMPLIANCE-description: "Use the Content search eDiscovery tool in the compliance center to search for content in different Microsoft 365 services." # Create a content search |
compliance | Conversation Review Sets | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/conversation-review-sets.md | Title: "Review conversations in eDiscovery (Premium)" +description: "Learn about the conversation reconstruction feature in Microsoft Purview eDiscovery (Premium) (called conversation threading) to reconstruct, review, and export chat conversations in Microsoft Teams and Yammer groups." + f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Learn about the conversation reconstruction feature in Microsoft Purview eDiscovery (Premium) (called conversation threading) to reconstruct, review, and export chat conversations in Microsoft Teams and Yammer groups." - # Conversation threading in eDiscovery (Premium) |
compliance | Create A Litigation Hold | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-litigation-hold.md | Title: "Create a Litigation hold" +description: "Learn how to place a mailbox on Litigation hold, retaining all the mailbox content during an investigation." f1.keywords: - NOCSH -description: "Learn how to place a mailbox on Litigation hold, retaining all the mailbox content during an investigation." - seo-marvel-mar2020 - seo-marvel-apr2020 - admindeeplinkCOMPLIANCE++- tier1 +- M365-security-compliance +- ediscovery # Create a Litigation hold |
compliance | Create A Report On Holds In Ediscovery Cases | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-report-on-holds-in-ediscovery-cases.md | Title: "Use a script to create an eDiscovery holds report" +description: Learn how to generate a report that contains information about all the holds that are associated with eDiscovery cases. f1.keywords: - NOCSH +- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: Learn how to generate a report that contains information about all the holds that are associated with eDiscovery cases. # Use a script to create a report on holds in eDiscovery cases |
compliance | Create Activity Alerts | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-activity-alerts.md | Title: "Create activity alerts" +description: Add and manage activity alerts in the Microsoft Purview compliance portal so that Microsoft 365 will send you email notifications when users perform specific activities. f1.keywords: - NOCSH search.appverid: - MED150 - BCS160 - MET150++- tier1 +- M365-security-compliance -description: Add and manage activity alerts in the Microsoft Purview compliance portal so that Microsoft 365 will send you email notifications when users perform specific activities # Create activity alerts |
compliance | Create And Manage Advanced Ediscoveryv2 Case | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-and-manage-advanced-ediscoveryv2-case.md | Title: "Create and manage eDiscovery (Premium) cases in Microsoft 365" + Title: "Create and manage an eDiscovery (Premium) case" +description: "This article describes how to create and manage Microsoft Purview eDiscovery (Premium) cases. The first step is to create a case and start using eDiscovery (Premium) features and functionality." f1.keywords: - NOCSH +- tier1 - M365-security-compliance - m365solution-aed-- m365initiative-compliance - m365solution-scenario+- ediscovery search.appverid: - MOE150 - MET150-description: "This article describes how to create and manage Microsoft Purview eDiscovery (Premium) cases. The first step is to create a case and start using eDiscovery (Premium) features and functionality." # Create and manage an eDiscovery (Premium) case |
compliance | Create And Manage Inactive Mailboxes | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-and-manage-inactive-mailboxes.md | +- tier1 search.appverid: - MOE150 - MET150 |
compliance | Create Apply Retention Labels | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-apply-retention-labels.md | +- tier1 - SPO_Content search.appverid: |
compliance | Create Draft Collection | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-draft-collection.md | Title: "Create a draft collection" +description: "A draft collection is an eDiscovery search of custodial and non-custodial data sources in an eDiscovery (Premium) case that returns a search estimate that matches the search query of the collection. You can review search statistics, preview a sampling of items, and revise and rerun the collection before you commit the results to a review set." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "A draft collection is an eDiscovery search of custodial and non-custodial data sources in an eDiscovery (Premium) case that returns a search estimate that matches the search query of the collection. You can review search statistics, preview a sampling of items, and revise and rerun the collection before you commit the results to a review set." # Create a draft collection in eDiscovery (Premium) |
compliance | Create Ediscovery Holds | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-ediscovery-holds.md | Title: "Create eDiscovery holds in a eDiscovery (Standard) case" +description: "You can create a hold that's associated with a eDiscovery (Standard) case in Microsoft 365 to preserve content relevant to an investigation or legal case." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MET150-description: "You can create a hold that's associated with a eDiscovery (Standard) case in Microsoft 365 to preserve content relevant to an investigation or legal case." # Create an eDiscovery hold |
compliance | Create Hold Notification | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-hold-notification.md | Title: "Create a legal hold notice" +description: Use the Communications tool in an eDiscovery (Premium) case to send, collect, and track legal hold notifications. f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150--description: Use the Communications tool in an eDiscovery (Premium) case to send, collect, and track legal hold notifications. |
compliance | Create Report On And Delete Multiple Content Searches | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-report-on-and-delete-multiple-content-searches.md | Title: "Create, report on, and delete Content Searches" +description: "Learn how to automate Content Search tasks like creating searches and running reports using Security & Compliance PowerShell." f1.keywords: - NOCSH audience: Admin -- SPO_Content+- tier1 +- M365-security-compliance +- ediscovery ms.localizationpriority: medium search.appverid: - SPO160 - MOE150 - MET150-description: "Learn how to automate Content Search tasks like creating searches and running reports using Security & Compliance PowerShell." |
compliance | Create Retention Labels Data Lifecycle Management | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-retention-labels-data-lifecycle-management.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Create Retention Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-retention-policies.md | +- tier1 - SPO_Content search.appverid: |
compliance | Create Sensitivity Labels | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-sensitivity-labels.md | +- tier1 - SPO_Content search.appverid: |
compliance | Data Classification Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-classification-overview.md | Title: "Learn about data classification" + Title: "How to use the Microsoft data classification dashboard" f1.keywords: - NOCSH -description: "The data classification dashboard gives you visibility into how much sensitive data has been found and classified in your organization." +description: "The data Microsoft Purview compliance classification dashboard provides visibility into how much sensitive data has been found and classified in your organization." -# Learn about data classification +# How to use the Microsoft data classification dashboard As a Microsoft 365 administrator or compliance administrator, you can evaluate and then tag content in your organization in order to control where it goes, protect it no matter where it is, and ensure that it is preserved and deleted according to your organization's needs. You do this through the application of [sensitivity labels](sensitivity-labels.md), [retention labels](retention.md#retention-labels), and sensitive information type classification. There are various ways to do the discovery, evaluation, and tagging, but the end result is that you may have very large numbers of documents and emails that are tagged and classified with one or both of these labels. After you apply your retention labels and sensitivity labels, you'll want to see how the labels are being used across your tenant and what is being done with those items. The data classification page provides visibility into that body of content, specifically: |
compliance | Data Connector Admin Logs | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-connector-admin-logs.md | Title: "Use the admin log for data connectors to view status about importing data" +description: "Learn how to access and view admin logs for data connectors to get status information for the data imported by the connector." f1.keywords: - NOCSH +- tier1 - M365-security-compliance+- data-connectors search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: "Learn how to access and view admin logs for data connectors to get status information for the data imported by the connector." # View admin logs for data connectors |
compliance | Data Governance Solution | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-governance-solution.md | +- tier1 ms.localizationpriority: high search.appverid: - MOE150 |
compliance | Data Lifecycle Management | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-lifecycle-management.md | +- tier1 - SPO_Content-- m365initiative-compliance description: Learn how Microsoft Purview Data Lifecycle Management helps you keep what you need and delete what you don't. |
compliance | Data Spillage Scenariosearch And Purge | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-spillage-scenariosearch-and-purge.md | Title: "eDiscovery solution series Data spillage scenario - Search and purge" +description: "Use eDiscovery and search tools to manage and respond to a data spillage incident in your organization." f1.keywords: - NOCSH audience: ITPro ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MET150-description: "Use eDiscovery and search tools to manage and respond to a data spillage incident in your organization." # eDiscovery solution series: Data spillage scenario - Search and purge |
compliance | De Duplication In Ediscovery Search Results | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/de-duplication-in-ediscovery-search-results.md | Title: "De-duplication in eDiscovery search results" +description: Learn how to eliminate duplicate eDiscovery search results so that only one copy of an email message is exported. f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- ediscovery search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: Learn how to eliminate duplicate eDiscovery search results so that only one copy of an email message is exported. # De-duplication in eDiscovery search results |
compliance | Decision Based On The Results In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/decision-based-on-the-results-in-advanced-ediscovery.md | Title: "Decision based on the results in eDiscovery (Premium)" +description: "Learn how the Decide tab in eDiscovery (Premium) provides data that can help you determine the correct size of the review set of case files." f1.keywords: - NOCSH ms.localizationpriority: medium search.appverid: - MOE150 - MET150-description: "Learn how the Decide tab in eDiscovery (Premium) provides data that can help you determine the correct size of the review set of case files." ++- tier1 +- M365-security-compliance +- ediscovery # Decisions based on Relevance results in eDiscovery (Premium) |
compliance | Declare Records | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/declare-records.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Delete An Inactive Mailbox | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/delete-an-inactive-mailbox.md | audience: Admin ms.localizationpriority: medium-++- M365-security-compliance +- tier2 search.appverid: - MOE150 - MET150 |
compliance | Delete Items In The Recoverable Items Folder Of Mailboxes On Hold | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/delete-items-in-the-recoverable-items-folder-of-mailboxes-on-hold.md | Title: Delete items in the Recoverable Items folder +description: Learn how admins can delete items in a user's Recoverable Items folder for an Exchange Online mailbox, even if that mailbox is placed on legal hold. f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- ediscovery search.appverid: - MOE150 - MET150 ms.assetid: a85e1c87-a48e-4715-bfa9-d5275cde67b0-description: Learn how admins can delete items in a user's Recoverable Items folder for an Exchange Online mailbox, even if that mailbox is placed on legal hold. - seo-marvel-apr2020 - admindeeplinkEXCHANGE |
compliance | Deploy Facebook Connector | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/deploy-facebook-connector.md | Title: "Deploy a connector to archive Facebook Business pages data" +description: "Administrators can set up a native connector to import and archive Facebook Business pages to Microsoft 365. After this data is imported to Microsoft 365, you can use compliance features such as legal hold, content search, and retention policies to manage the governance of your organization's Facebook data." f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- data-connectors -description: "Administrators can set up a native connector to import and archive Facebook Business pages to Microsoft 365. After this data is imported to Microsoft 365, you can use compliance features such as legal hold, content search, and retention policies to manage the governance of your organization's Facebook data." # Deploy a connector to archive Facebook Business pages data |
compliance | Deploy Twitter Connector | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/deploy-twitter-connector.md | Title: "Deploy a connector to archive Twitter data" +description: "Administrators can set up a native connector to import and archive Twitter data to Microsoft 365. After this data is imported to Microsoft 365, you can use compliance features such as legal hold, content search, and retention policies to manage the governance of your organization's Twitter data." f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- data-connectors -description: "Administrators can set up a native connector to import and archive Twitter data to Microsoft 365. After this data is imported to Microsoft 365, you can use compliance features such as legal hold, content search, and retention policies to manage the governance of your organization's Twitter data." # Deploy a connector to archive Twitter data |
compliance | Detailed Properties In The Office 365 Audit Log | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/detailed-properties-in-the-office-365-audit-log.md | Title: "Detailed properties in the audit log" +description: This article provides descriptions of additional properties included when you export results for an Office 365 audit log record. f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- audit search.appverid: - MOE150 - BCS160 - MET150-description: This article provides descriptions of additional properties included when you export results for an Office 365 audit log record. |
compliance | Differences Between Estimated And Actual Ediscovery Search Results | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/differences-between-estimated-and-actual-ediscovery-search-results.md | Title: "Estimated and actual eDiscovery search results" +description: "Understand why estimated and actual search results may vary in searches run with eDiscovery tools in Office 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- ediscovery search.appverid: - SPO160 - MOE150 - MET150-description: "Understand why estimated and actual search results may vary in searches run with eDiscovery tools in Office 365." # Differences between estimated and actual eDiscovery search results |
compliance | Disable Reports When You Export Content Search Results | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/disable-reports-when-you-export-content-search-results.md | Title: "Disable reports when you export Content Search results" +description: Edit the Windows Registry on your local computer to disable reports when you export the results of a Content Search from the Microsoft Purview compliance portal. f1.keywords: - NOCSH ms.localizationpriority: medium search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: Edit the Windows Registry on your local computer to disable reports when you export the results of a Content Search from the Microsoft Purview compliance portal. ++- tier1 +- M365-security-compliance +- content-search # Disable reports when you export Content Search results |
compliance | Disposition | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/disposition.md | +- tier1 search.appverid: - MOE150 |
compliance | Document Metadata Fields In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/document-metadata-fields-in-Advanced-eDiscovery.md | Title: "Document metadata fields in eDiscovery (Premium)" +description: "This article defines the metadata fields for documents in a review set in a case in Microsoft Purview eDiscovery (Premium) in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150--description: "This article defines the metadata fields for documents in a review set in a case in Microsoft Purview eDiscovery (Premium) in Microsoft 365." # Document metadata fields in eDiscovery (Premium) |
compliance | Download Documents From Review Set | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/download-documents-from-review-set.md | Title: "Download documents from a review set" +description: "Learn how to select and download content from a review set in eDiscovery (Premium) for presentations or external reviews." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Learn how to select and download content from a review set in eDiscovery (Premium) for presentations or external reviews." |
compliance | Download Export Jobs | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/download-export-jobs.md | Title: Export documents to an organization Azure Storage account +description: "Export documents in a review set to an Azure Storage account and then use Azure Storage Explorer to download them to a local computer." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 -description: "Export documents in a review set to an Azure Storage account and then use Azure Storage Explorer to download them to a local computer." # Export documents in a review set to an Azure Storage account |
compliance | Ediscovery Cjk Support | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-cjk-support.md | Title: "CJK/Double Byte support for eDiscovery (Premium)" +description: "Learn how Microsoft Purview eDiscovery (Premium) in Microsoft 365 supports Chinese, Japanese, and Korean (CJK) languages, which use a double-byte character set." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: "Learn how Microsoft Purview eDiscovery (Premium) in Microsoft 365 supports Chinese, Japanese, and Korean (CJK) languages, which use a double-byte character set." # CJK language support for eDiscovery (Premium) |
compliance | Ediscovery Decryption | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-decryption.md | Title: "Decryption in eDiscovery" +description: "Learn about how Microsoft 365 eDiscovery tools handle encrypted documents attached to email messages and stored in SharePoint Online and OneDrive for Business." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: "Learn about how Microsoft 365 eDiscovery tools handle encrypted documents attached to email messages and stored in SharePoint Online and OneDrive for Business." # Decryption in Microsoft 365 eDiscovery tools |
compliance | Ediscovery Diagnostic Info | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-diagnostic-info.md | Title: "Collect eDiscovery diagnostic information" +description: "Learn about how to collect eDiscovery diagnostic information for a Microsoft Support case." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 - seo-marvel-apr2020 - admindeeplinkCOMPLIANCE-description: "Learn about how to collect eDiscovery diagnostic information for a Microsoft Support case." # Collect eDiscovery diagnostic information |
compliance | Ediscovery Graph Connector | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-graph-connector.md | Title: "Microsoft Purview eDiscovery Graph connectors" +description: "Microsoft 365 customers can perform eDiscovery searches on content ingested for enterprise search." f1.keywords: - NOCSH Last updated 07/15/2022 audience: Admin -++- tier1 - m365-security-compliance - m365solution-ediscovery-- m365initiative-compliance - m365solution-overview+- ediscovery ms.localizationpriority: medium search.appverid: - SPO160 - MOE150 - MET150-description: "Microsoft 365 customers can perform eDiscovery searches on content ingested for enterprise search." # Use Graph connectors with eDiscovery (Premium) |
compliance | Ediscovery Kql Editor | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-kql-editor.md | Title: "Use the KQL editor to build search queries" +description: "You can use the KQL editor to configure eDiscovery search queries in Content search, eDiscovery (Standard), and eDiscovery (Premium)." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "You can use the KQL editor to configure eDiscovery search queries in Content search, eDiscovery (Standard), and eDiscovery (Premium)." # Use the KQL editor to build search queries |
compliance | Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery.md | Title: "Microsoft Purview eDiscovery solutions" +description: "Microsoft Purview offers three eDiscovery tools that you can use to search for and export content found in different locations such as Exchange mailboxes, SharePoint and OneDrive for Business sites, Microsoft 365 Groups, Microsoft Teams, and Skype for Business conversations. eDiscovery (Standard) and eDiscovery (Premium) provide many additional features to help you manage your investigations." f1.keywords: - NOCSH audience: Admin +- tier1 - m365-security-compliance - m365solution-ediscovery-- m365initiative-compliance - m365solution-overview+- ediscovery ms.localizationpriority: medium search.appverid: - SPO160 - MOE150 - MET150-description: "Microsoft Purview offers three eDiscovery tools that you can use to search for and export content found in different locations such as Exchange mailboxes, SharePoint and OneDrive for Business sites, Microsoft 365 Groups, Microsoft Teams, and Skype for Business conversations. eDiscovery (Standard) and eDiscovery (Premium) provide many additional features to help you manage your investigations." + # Microsoft Purview eDiscovery solutions |
compliance | Email Threading In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/email-threading-in-advanced-ediscovery.md | Title: Email threading in eDiscovery (Premium) +description: "When conducting an eDiscovery (Premium) analysis, email threading parses an email conversation and separates each message into different categories." f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "When conducting an eDiscovery (Premium) analysis, email threading parses an email conversation and separates each message into different categories." |
compliance | Enable Archive Mailboxes | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/enable-archive-mailboxes.md | f1_keywords: ms.localizationpriority: high -- Strat_O365_IP - M365-security-compliance+- tier1 search.appverid: - MOE150 - MET150 |
compliance | Encryption Azure Ad Configuration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/encryption-azure-ad-configuration.md | audience: Admin ms.localizationpriority: high-++- M365-security-compliance +- tier1 description: How to configure Azure AD cross-tenant access settings and Conditional Access policies for content encrypted by Microsoft Purview Information Protection. |
compliance | Encryption Sensitivity Labels | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/encryption-sensitivity-labels.md | +- tier1 search.appverid: - MOE150 - MET150 |
compliance | Error Remediation When Processing Data In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/error-remediation-when-processing-data-in-advanced-ediscovery.md | Title: "Error remediation when processing data" +description: Learn how to use error remediation to correct data issues in eDiscovery (Premium) that might prevent proper processing of content. f1.keywords: - NOCSH Previously updated : audience: Admin -description: Learn how to use error remediation to correct data issues in eDiscovery (Premium) that might prevent proper processing of content. |
compliance | Event Driven Retention | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/event-driven-retention.md | +- tier1 search.appverid: - MOE150 - MET150 |
compliance | Export A Content Search Report | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-a-content-search-report.md | Title: "Export a Content search report" +description: "Instead of exporting the actual results of a Content search in the Microsoft Purview compliance portal, you can export a search results report. The report contains a summary of the search results and a document with detailed information about each item that would be exported." f1.keywords: - NOCSH f1_keywords: - 'ms.o365.cc.CustomizeExportReport' ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- content-search search.appverid: - MOE150 - MED150 - MBS150 - MET150-description: "Instead of exporting the actual results of a Content search in the Microsoft Purview compliance portal, you can export a search results report. The report contains a summary of the search results and a document with detailed information about each item that would be exported." |
compliance | Export Content In Core Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-content-in-core-ediscovery.md | Title: "Export and download content from a eDiscovery (Standard) case" +description: "Describes how to export and download content from a eDiscovery (Standard) case in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MET150 -description: "Describes how to export and download content from a eDiscovery (Standard) case in Microsoft 365." # Export content from a eDiscovery (Standard) case |
compliance | Export Documents From Review Set | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-documents-from-review-set.md | Title: "Export documents from a review set" +description: "Learn how to select and export content from an eDiscovery (Premium) review set for presentations or external reviews." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Learn how to select and export content from an eDiscovery (Premium) review set for presentations or external reviews." |
compliance | Export Search Results | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-search-results.md | Title: "Export Content search results" +description: "Export the search results from a Content search in the Microsoft Purview compliance portal to a local computer. Email results are exported as PST files. Content from SharePoint and OneDrive for Business sites are exported as native Office documents." f1.keywords: - NOCSH f1_keywords: - 'ms.o365.cc.CustomizeExport' ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance-- SPO_Content+- content-search search.appverid: - MOE150 - MED150 - MET150-description: "Export the search results from a Content search in the Microsoft Purview compliance portal to a local computer. Email results are exported as PST files. Content from SharePoint and OneDrive for Business sites are exported as native Office documents." |
compliance | Export View Audit Log Records | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-view-audit-log-records.md | Title: "Export, configure, and view audit log records" +description: "In this article, you will learn how to export, configure, and view Microsoft 365 audit log records." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- audit search.appverid: - MOE150 - MET150 -description: "In this article, you will learn how to export, configure, and view Microsoft 365 audit log records." # Export, configure, and view audit log records |
compliance | Exporting Data Ediscover20 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/exporting-data-ediscover20.md | Title: "Export case data in eDiscovery (Premium)" +description: "Learn how to export or download content from a review set for presentations or external reviews in an eDiscovery (Premium) case." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Learn how to export or download content from a review set for presentations or external reviews in an eDiscovery (Premium) case." |
compliance | File Plan Manager | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/file-plan-manager.md | audience: Admin ms.localizationpriority: high-++- M365-security-compliance +- tier1 search.appverid: - MOE150 |
compliance | Filter Data When Importing Pst Files | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/filter-data-when-importing-pst-files.md | Title: "Filter data when importing PST files" +description: "Learn how to filter data using the intelligent import feature in the Microsoft 365 import service when you import PST files to Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- import search.appverid: - MOE150 - MET150 - seo-marvel-apr2020 - admindeeplinkCOMPLIANCE-description: "Learn how to filter data using the intelligent import feature in the Microsoft 365 import service when you import PST files to Microsoft 365." # Filter data when importing PST files |
compliance | Get Started Core Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-core-ediscovery.md | Title: "Get started with eDiscovery (Standard) cases in Microsoft Purview" +description: "Describes how to get started using eDiscovery (Standard) in Microsoft Purview. After you assign eDiscovery permissions and create a case, you can add members, create eDiscovery holds, and then search for and export content that's relevant to your investigation." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MET150-description: "Describes how to get started using eDiscovery (Standard) in Microsoft Purview. After you assign eDiscovery permissions and create a case, you can add members, create eDiscovery holds, and then search for and export content that's relevant to your investigation." # Get started with eDiscovery (Standard) in Microsoft Purview |
compliance | Get Started With Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-advanced-ediscovery.md | Title: "Set up eDiscovery (Premium) in Microsoft Purview" +description: "This article describes how to set up eDiscovery (Premium) so you can start creating and managing cases. It also describes the required Microsoft subscriptions and licensing. After you complete a few quick steps, the eDiscovery (Premium) tool is ready to use." f1.keywords: - NOCSH +- highpri +- tier1 - M365-security-compliance - m365solution-aed-- m365initiative-compliance - m365solution-scenario search.appverid: - MOE150 - MET150-description: "This article describes how to set up eDiscovery (Premium) so you can start creating and managing cases. It also describes the required Microsoft subscriptions and licensing. After you complete a few quick steps, the eDiscovery (Premium) tool is ready to use." # Set up Microsoft Purview eDiscovery (Premium) |
compliance | Get Started With Data Lifecycle Management | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-data-lifecycle-management.md | +- tier1 - SPO_Content-- m365initiative-compliance search.appverid: - MOE150 |
compliance | Get Started With Records Management | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-records-management.md | +- tier1 - SPO_Content search.appverid: |
compliance | Get Started With Sensitivity Labels | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-sensitivity-labels.md | +- tier1 - SPO_Content - m365solution-mip-- m365initiative-compliance search.appverid: - MOE150 - MET150 |
compliance | Get Started With Service Trust Portal | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-service-trust-portal.md | Title: "Get started with the Microsoft Service Trust Portal" +description: Learn how to access and use the Microsoft Service Trust Portal to help with security, privacy, and compliance practices. f1.keywords: - NOCSH -mscollection: M365-security-compliance +mscollection: +- tier3 +- M365-security-compliance - Adm_O365 - seo-marvel-apr2020 - admindeeplinkCOMPLIANCE-description: Learn how to access and use the Microsoft Service Trust Portal to help with security, privacy, and compliance practices. # Get started with Microsoft Service Trust Portal |
compliance | Identify A Hold On An Exchange Online Mailbox | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/identify-a-hold-on-an-exchange-online-mailbox.md | Title: "How to identify the hold on an Exchange Online mailbox" +description: "Learn how to identify the different types of hold that can be placed on an Exchange Online mailbox in Microsoft 365." f1.keywords: - NOCSH Previously updated : audience: ITPro -++- tier1 +- M365-security-compliance +- ediscovery ms.localizationpriority: medium search.appverid: - MET150 - seo-marvel-apr2020 - admindeeplinkEXCHANGE-description: "Learn how to identify the different types of hold that can be placed on an Exchange Online mailbox in Microsoft 365." - # How to identify the type of hold placed on an Exchange Online mailbox |
compliance | Import Epic Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-epic-data.md | Title: "Set up a connector to import Epic EHR data" +description: "Administrators can set up a data connector to import electronic healthcare records (EHR) data from your organization's Epic system to Microsoft 365. This lets you use Epic EHR data in insider risk management policies to help you detect unauthorized access activity to patient data by your employees." f1.keywords: - NOCSH -description: "Administrators can set up a data connector to import electronic healthcare records (EHR) data from your organization's Epic system to Microsoft 365. This lets you use Epic EHR data in insider risk management policies to help you detect unauthorized access activity to patient data by your employees." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to import Epic EHR audit data (preview) |
compliance | Import Healthcare Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-healthcare-data.md | Title: "Set up a connector to import generic healthcare audit data" +description: "Administrators can set up a data connector to import electronic healthcare records (EHR) data from their healthcare system to Microsoft 365. This lets you use EHR data in insider risk management policies to help you detect unauthorized access activity to patient data by your employees." f1.keywords: - NOCSH -description: "Administrators can set up a data connector to import electronic healthcare records (EHR) data from their healthcare system to Microsoft 365. This lets you use EHR data in insider risk management policies to help you detect unauthorized access activity to patient data by your employees." ++- tier1 +- M365-security-compliance +- data-connectors # Set up a connector to import healthcare EHR audit data (preview) |
compliance | Import Hr Data US Government | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-hr-data-US-government.md | Title: "Set up a connector to import HR data to the US Government cloud" +description: "Administrators in the US Government cloud can set up a data connector to import employee data from their organization's human resources (HR) system to Microsoft 365. This lets you use HR data in insider risk management policies to help you detect activity by specific users that may pose an internal threat to your organization." f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- data-connectors -description: "Administrators in the US Government cloud can set up a data connector to import employee data from their organization's human resources (HR) system to Microsoft 365. This lets you use HR data in insider risk management policies to help you detect activity by specific users that may pose an internal threat to your organization." # Set up a connector to import HR data in US Government |
compliance | Import Hr Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-hr-data.md | Title: "Set up a connector to import HR data" +description: "Administrators can set up a data connector to import employee data from their organization's human resources (HR) system to Microsoft 365. This lets you use HR data in insider risk management policies to help you detect activity by specific users that may pose an internal threat to your organization." f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- data-connectors -description: "Administrators can set up a data connector to import employee data from their organization's human resources (HR) system to Microsoft 365. This lets you use HR data in insider risk management policies to help you detect activity by specific users that may pose an internal threat to your organization." # Set up a connector to import HR data |
compliance | Import Physical Badging Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-physical-badging-data.md | Title: "Set up a connector to import physical badging data" +description: "Administrators can set up a data connector to import data from their organization's physical badging system to Microsoft 365. This lets you use this data in insider risk management policies to help you detect access to your physical buildings by specific users that may indicate a possible internal threat to your organization." f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- data-connectors -description: "Administrators can set up a data connector to import data from their organization's physical badging system to Microsoft 365. This lets you use this data in insider risk management policies to help you detect access to your physical buildings by specific users that may indicate a possible internal threat to your organization." # Set up a connector to import physical badging data (preview) |
compliance | Importing Pst Files To Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/importing-pst-files-to-office-365.md | Title: "Learn about importing organization PST files" +description: Learn how to use the Import service in the Microsoft Purview compliance portal to bulk-import email data (PST files) to user mailboxes. f1.keywords: - NOCSH f1_keywords: ms.localizationpriority: high -- Strat_O365_IP+- tier1 - M365-security-compliance+- import search.appverid: MET150 - seo-marvel-apr2020 - admindeeplinkMAC-description: Learn how to use the Import service in the Microsoft Purview compliance portal to bulk-import email data (PST files) to user mailboxes. # Learn about importing your organization's PST files |
compliance | Inactive Mailboxes In Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/inactive-mailboxes-in-office-365.md | +- tier1 search.appverid: - MOE150 - MET150 |
compliance | Increase The Recoverable Quota For Mailboxes On Hold | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/increase-the-recoverable-quota-for-mailboxes-on-hold.md | Title: "Increase the Recoverable Items quota for mailboxes on hold" +description: "Enable the archive mailbox and turn on auto-expanding archiving to increase the size of the Recoverable Items folder for a mailbox in Microsoft 365." f1.keywords: - NOCSH Last updated audience: Admin -++- tier1 +- M365-security-compliance +- ediscovery ms.localizationpriority: medium search.appverid: - MOE150 - MET150-description: "Enable the archive mailbox and turn on auto-expanding archiving to increase the size of the Recoverable Items folder for a mailbox in Microsoft 365." # Increase the Recoverable Items quota for mailboxes on hold |
compliance | Indexing Custodian Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/indexing-custodian-data.md | Title: "Advanced indexing of custodian data" +description: "When a custodian is added to an eDiscovery (Premium) case, any content that was deemed as partially indexed is reprocessed to make it fully searchable." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "When a custodian is added to an eDiscovery (Premium) case, any content that was deemed as partially indexed is reprocessed to make it fully searchable." # Advanced indexing of custodian data |
compliance | Information Barriers Attributes | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers-attributes.md | audience: ITPro +- tier2 - M365-security-compliance ms.localizationpriority: null f1.keywords: |
compliance | Information Barriers Edit Segments Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers-edit-segments-policies.md | audience: ITPro +- tier2 - M365-security-compliance ms.localizationpriority: null f1.keywords: |
compliance | Information Barriers Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers-policies.md | audience: ITPro +- highpri +- tier2 - M365-security-compliance-- m365solution-mip-- m365initiative-compliance ms.localizationpriority: null f1.keywords: - NOCSH |
compliance | Information Barriers Solution Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers-solution-overview.md | +- tier2 +- M365-security-compliance - m365solution-insiderrisk-- m365initiative-compliance-- m365solution-scenario # Information barriers |
compliance | Information Barriers | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers.md | audience: ITPro +- highpri +- tier2 - M365-security-compliance-- m365solution-mip-- m365initiative-compliance ms.localizationpriority: null f1.keywords: - NOCSH |
compliance | Information Protection Solution | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-protection-solution.md | search.appverid: - m365solution-overview - m365solution-mip-- m365initiative-compliance+- tier1 - zerotrust-solution description: "Prescriptive guidance to deploy Microsoft Purview Information Protection for your organization." |
compliance | Information Protection | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-protection.md | search.appverid: - MET150 - m365solution-mip-- m365initiative-compliance+- tier1 recommendations: false description: "Implement Microsoft Purview Information Protection capabilities to help you protect sensitive information wherever it lives or travels." |
compliance | Insider Risk Management Activities | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-activities.md | +- tier1 +- M365-security-compliance |
compliance | Insider Risk Management Audit Log | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-audit-log.md | +- tier1 +- M365-security-compliance # Insider risk management audit log |
compliance | Insider Risk Management Browser Support | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-browser-support.md | +- tier1 +- M365-security-compliance # Learn about and configure insider risk management browser signal detection |
compliance | Insider Risk Management Cases | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-cases.md | +- tier1 +- M365-security-compliance |
compliance | Insider Risk Management Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-configure.md | +- highpri +- tier1 +- M365-security-compliance - m365solution-insiderrisk-- m365initiative-compliance |
compliance | Insider Risk Management Content Explorer | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-content-explorer.md | +- tier1 +- M365-security-compliance # Insider risk management Content explorer |
compliance | Insider Risk Management Notices | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-notices.md | +- tier1 +- M365-security-compliance |
compliance | Insider Risk Management Plan | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-plan.md | +- tier1 +- M365-security-compliance |
compliance | Insider Risk Management Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-policies.md | +- tier1 +- M365-security-compliance |
compliance | Insider Risk Management Settings | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-settings.md | +- highpri +- tier1 +- M365-security-compliance - m365solution-insiderrisk-- m365initiative-compliance |
compliance | Insider Risk Management Solution Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-solution-overview.md | +- tier1 +- M365-security-compliance - m365solution-insiderrisk-- m365initiative-compliance-- m365solution-scenario # Insider risk management |
compliance | Insider Risk Management Users | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-users.md | +- tier1 +- M365-security-compliance |
compliance | Insider Risk Management | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management.md | +- highpri +- tier1 +- M365-security-compliance - m365solution-insiderrisk-- m365initiative-compliance # Learn about insider risk management |
compliance | Insider Risk Solution Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-solution-overview.md | +- tier1 +- M365-security-compliance - m365solution-insiderrisk-- m365initiative-compliance - m365solution-overview |
compliance | Investigating Partially Indexed Items In Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/investigating-partially-indexed-items-in-ediscovery.md | Title: "Investigating partially indexed items in eDiscovery" +description: "Learn how to manage partially indexed items (also called unindexed items) from Exchange, SharePoint, and OneDrive for Business within your organization." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: "Learn how to manage partially indexed items (also called unindexed items) from Exchange, SharePoint, and OneDrive for Business within your organization." # Investigating partially indexed items in eDiscovery |
compliance | Keyword Queries And Search Conditions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/keyword-queries-and-search-conditions.md | Title: "Keyword queries and search conditions for eDiscovery" +description: "Learn about email and document properties that you can search by using the eDiscovery search tools in Microsoft 365." f1.keywords: - NOCSH f1_keywords: ms.localizationpriority: medium -- Strat_O365_IP+- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: "Learn about email and document properties that you can search by using the eDiscovery search tools in Microsoft 365." # Keyword queries and search conditions for eDiscovery The following table lists email message properties that can be searched by using > [!NOTE] > When searching email properties, it's not possible to search for items in which the specified property is empty or blank. For example, using the *property:value* pair of **subject:""** to search for email messages with an empty subject line will return zero results. This also applies when searching site and contact properties. -|Property|Property description|Examples|Search results returned by the examples| -||||| -|AttachmentNames|The names of files attached to an email message.|`attachmentnames:annualreport.ppt` <p> `attachmentnames:annual*`|Messages that have an attached file named annualreport.ppt. In the second example, using the wildcard character ( * ) returns messages with the word "annual" in the file name of an attachment.<sup>1</sup>|`bcc:pilarp@contoso.com` <p> `bcc:pilarp` <p> `bcc:"Pilar Pinilla"`|All examples return messages with Pilar Pinilla included in the Bcc field.<br>([See Recipient Expansion](keyword-queries-and-search-conditions.md#recipient-expansion))| +|**Property**|**Property description**|**Examples**|**Search results returned by the examples**| +|:--|:--|:--|:| +|AttachmentNames|The names of files attached to an email message.|`attachmentnames:annualreport.ppt` <p> `attachmentnames:annual*`|Messages that have an attached file named annualreport.ppt. In the second example, using the wildcard character ( * ) returns messages with the word "annual" in the file name of an attachment.<sup>1</sup> +|Bcc|The Bcc field of an email message.<sup>1</sup>|`bcc:pilarp@contoso.com` <p> `bcc:pilarp` <p> `bcc:"Pilar Pinilla"`|All examples return messages with Pilar Pinilla included in the Bcc field.<br>([See Recipient Expansion](keyword-queries-and-search-conditions.md#recipient-expansion))| |Category|The categories to search. Categories can be defined by users by using Outlook or Outlook on the web (formerly known as Outlook Web App). The possible values are: <ul><li>blue<li>green<li>orange<li>purple<li>red<li>yellow</li></ul>|`category:"Red Category"`|Messages that have been assigned the red category in the source mailboxes.| |Cc|The Cc field of an email message.<sup>1</sup>|`cc:pilarp@contoso.com` <p> `cc:"Pilar Pinilla"`|In both examples, messages with Pilar Pinilla specified in the Cc field.<br>([See Recipient Expansion](keyword-queries-and-search-conditions.md#recipient-expansion))| |Folderid|The folder ID (GUID) of a specific mailbox folder. If you use this property, be sure to search the mailbox that the specified folder is located in. Only the specified folder will be searched. Any subfolders in the folder won't be searched. To search subfolders, you need to use the Folderid property for the subfolder you want to search. <p> For more information about searching for the Folderid property and using a script to obtain the folder IDs for a specific mailbox, see [Use Content search for targeted collections](use-content-search-for-targeted-collections.md).|`folderid:4D6DD7F943C29041A65787E30F02AD1F00000000013A0000` <p> `folderid:2370FB455F82FC44BE31397F47B632A70000000001160000 AND participants:garthf@contoso.com`|The first example returns all items in the specified mailbox folder. The second example returns all items in the specified mailbox folder that were sent or received by garthf@contoso.com.| |
compliance | Legacy Ediscovery Retirement | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/legacy-ediscovery-retirement.md | Title: "Legacy eDiscovery tools retired" +description: "In-Place eDiscovery and In-Place Hold (and the corresponding PowerShell cmdlets) in Exchange Online will be retired in the first half of 2020. The Search-Mailbox cmdlet and Microsoft Purview eDiscovery (Premium) v1.0 are also being retired within the same time period." f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- ediscovery -description: "In-Place eDiscovery and In-Place Hold (and the corresponding PowerShell cmdlets) in Exchange Online will be retired in the first half of 2020. The Search-Mailbox cmdlet and Microsoft Purview eDiscovery (Premium) v1.0 are also being retired within the same time period." # Retirement of legacy eDiscovery tools |
compliance | Limits Core Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/limits-core-ediscovery.md | Title: "Limits in eDiscovery (Standard) case" +description: "This article describes the limits in eDiscovery (Standard) case in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MET150-description: "This article describes the limits in eDiscovery (Standard) case in Microsoft 365." # Limits in eDiscovery (Standard) |
compliance | Limits Ediscovery20 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/limits-ediscovery20.md | Title: "eDiscovery (Premium) limits" +description: "Learn about the case limits, indexing limits, and search limits in effect for the eDiscovery (Premium) solution in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: "Learn about the case limits, indexing limits, and search limits in effect for the eDiscovery (Premium) solution in Microsoft 365." # Limits in eDiscovery (Premium) |
compliance | Limits For Content Search | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/limits-for-content-search.md | Title: "Limits for Content search and eDiscovery (Standard) in the compliance center" +description: "Learn about the limits in effect for the Content search and eDiscovery (Standard) features in the Microsoft Purview compliance portal." f1.keywords: - NOCSH +- tier1 - M365-security-compliance+- ediscovery search.appverid: - MOE150 - MET150-description: "Learn about the limits in effect for the Content search and eDiscovery (Standard) features in the Microsoft Purview compliance portal." # Limits for eDiscovery search |
compliance | Load Non Office 365 Data Into A Review Set | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/load-non-Office-365-data-into-a-review-set.md | Title: "Load non-Microsoft 365 data into a review set" +description: "Learn how to import non-Microsoft 365 data to a review set for analysis in an eDiscovery (Premium) case." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Learn how to import non-Microsoft 365 data to a review set for analysis in an eDiscovery (Premium) case." |
compliance | Mailitemsaccessed Forensics Investigations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/mailitemsaccessed-forensics-investigations.md | Title: "Use Audit (Premium) to investigate compromised accounts" +description: "Use the MailItemsAccessed mailbox auditing action to perform forensic investigations of compromised user accounts." f1.keywords: - NOCSH +- tier1 - M365-security-compliance+- audit search.appverid: - MOE150 - MET150-description: "Use the MailItemsAccessed mailbox auditing action to perform forensic investigations of compromised user accounts." # Use Microsoft Purview Audit (Premium) to investigate compromised accounts |
compliance | Manage Data Governance | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-data-governance.md | +- m365-security-compliance +- tier1 ms.localizationpriority: high search.appverid: - MOE150 |
compliance | Manage Hold Notification | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-hold-notification.md | Title: "Manage hold notifications" +description: "Use the communications workflow in eDiscovery (Premium) to track the status of your legal hold notifications and if necessary update and resend them." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150--description: "Use the communications workflow in eDiscovery (Premium) to track the status of your legal hold notifications and if necessary update and resend them." # Manage hold notifications |
compliance | Manage Legal Investigations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-legal-investigations.md | Title: "Manage legal investigations in Microsoft 365" +description: "Use eDiscovery cases in the Microsoft Purview compliance portal to manage your organization's legal investigation." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: "Use eDiscovery cases in the Microsoft Purview compliance portal to manage your organization's legal investigation." # Manage legal investigations in Microsoft 365 |
compliance | Manage New Custodians | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-new-custodians.md | Title: "Manage custodians in an eDiscovery (Premium) case" +description: Learn how to view details, edit, and bulk edit the list of custodians in an eDiscovery (Premium) case. f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: Learn how to view details, edit, and bulk edit the list of custodians in an eDiscovery (Premium) case. |
compliance | Manage Relevance Setup In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-relevance-setup-in-advanced-ediscovery.md | Title: "Manage Relevance setup in eDiscovery (Premium)" +description: "Read the recommendations for setting up Relevance training in eDiscovery (Premium) to score files by their relevance and generate analytical results." f1.keywords: - NOCSH ms.localizationpriority: high search.appverid: - MOE150 - MET150 -description: "Read the recommendations for setting up Relevance training in eDiscovery (Premium) to score files by their relevance and generate analytical results." ++- tier1 +- M365-security-compliance +- ediscovery # Manage Relevance setup in eDiscovery (Premium) (classic) |
compliance | Managing Custodian Communications | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-custodian-communications.md | Title: "Work with communications in eDiscovery (Premium)" +description: "eDiscovery (Premium) makes it easy to manage the legal hold notification workflow around notifying custodians in legal investigations." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150--description: "eDiscovery (Premium) makes it easy to manage the legal hold notification workflow around notifying custodians in legal investigations." # Work with communications in eDiscovery (Premium) |
compliance | Managing Custodians | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-custodians.md | Title: "Work with custodians in eDiscovery (Premium)" +description: Learn how to use the custodian management tool in eDiscovery (Premium) to manage data for a legal case. f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 ms.assetid: - seo-marvel-apr2020-description: Learn how to use the custodian management tool in eDiscovery (Premium) to manage data for a legal case. # Work with custodians and non-custodial data sources in eDiscovery (Premium) |
compliance | Managing Holds | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-holds.md | Title: "Manage holds in eDiscovery (Premium)" +description: Learn how to place holds on custodians and their data sources to preserve relevant content for your eDiscovery (Premium) case. f1.keywords: - NOCSH +- highpri +- tier1 - M365-security-compliance-- SPO_Content search.appverid: - MOE150 - MET150-description: Learn how to place holds on custodians and their data sources to preserve relevant content for your eDiscovery (Premium) case. - seo-marvel-mar2020 - admindeeplinkMAC |
compliance | Managing Jobs Ediscovery20 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-jobs-ediscovery20.md | Title: "Manage jobs in eDiscovery (Premium)" +description: "eDiscovery (Premium) jobs help you track the status of long-running processes related to performing various eDiscovery (Premium) tasks." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "eDiscovery (Premium) jobs help you track the status of long-running processes related to performing various eDiscovery (Premium) tasks." # Manage jobs in eDiscovery (Premium) |
compliance | Managing Review Sets | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-review-sets.md | Title: "Manage review sets in eDiscovery (Premium)" +description: Learn how to manage review sets so you can analyze, query, view, tag, and export data in an eDiscovery (Premium) case. + f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150--description: Learn how to manage review sets so you can analyze, query, view, tag, and export data in an eDiscovery (Premium) case. - # Manage review sets in eDiscovery (Premium) |
compliance | Microsoft 365 Compliance Center Permissions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/microsoft-365-compliance-center-permissions.md | Title: "Permissions in the Microsoft Purview compliance portal" +description: Learn about managing permissions in the Microsoft Purview compliance portal. f1.keywords: - NOCSH -description: Learn about managing permissions in the Microsoft Purview compliance portal. -++- tier1 +- M365-security-compliance - admindeeplinkCOMPLIANCE - admindeeplinkEXCHANGE |
compliance | Microsoft 365 Compliance Center Redirection | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/microsoft-365-compliance-center-redirection.md | Title: "Redirection of users from the Office 365 Security and Compliance Center to the Microsoft Purview compliance portal" +description: Learn about automatic redirection of users from the Office 365 Security and Compliance Center users to the Microsoft Purview compliance portal. f1.keywords: - NOCSH -description: Learn about automatic redirection of users from the Office 365 Security and Compliance Center users to the Microsoft Purview compliance portal. -++- tier1 +- M365-security-compliance |
compliance | Microsoft 365 Compliance Center | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/microsoft-365-compliance-center.md | Title: "Microsoft Purview compliance portal" +description: Learn about the Microsoft Purview compliance portal, including what it contains, how to get it, and your next steps. f1.keywords: - NOCSH -description: Learn about the Microsoft Purview compliance portal, including what it contains, how to get it, and your next steps. -++- tier1 +- M365-security-compliance - admindeeplinkCOMPLIANCE - intro-overview |
compliance | Microsoft 365 Solution Catalog | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/microsoft-365-solution-catalog.md | Title: "Microsoft Purview solution catalog" +description: Learn about the Microsoft Purview solution catalog, including what it contains, how to access it, and your next steps. f1.keywords: - NOCSH audience: ITPro ms.localizationpriority: medium-description: Learn about the Microsoft Purview solution catalog, including what it contains, how to access it, and your next steps. -++- tier1 +- M365-security-compliance |
compliance | Migrate Legacy Ediscovery Searches And Holds | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/migrate-legacy-eDiscovery-searches-and-holds.md | Title: "Migrate legacy eDiscovery searches and holds to the Microsoft Purview compliance portal" +description: learn about migrating legacy eDiscovery searches and holds to the compliance portal. f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- ediscovery -description: # Migrate legacy eDiscovery searches and holds to the compliance portal |
compliance | Near Duplicate Detection In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/near-duplicate-detection-in-advanced-ediscovery.md | Title: Near duplicate detection in eDiscovery +description: "Use near duplicate detection to group textually similar documents when analyzing case data in eDiscovery (Premium)." f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 ms.assetid: -description: "Use near duplicate detection to group textually similar documents when analyzing case data in eDiscovery (Premium)." |
compliance | Non Custodial Data Sources | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/non-custodial-data-sources.md | Title: "Add non-custodial data sources to an eDiscovery (Premium) case" +description: "You can add non-custodial data sources to an eDiscovery (Premium) case and place a hold on the data source. Non-custodial data sources are reindexed, so any content that was marked as partially indexed is reprocessed to make it fully and quickly searchable." f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "You can add non-custodial data sources to an eDiscovery (Premium) case and place a hold on the data source. Non-custodial data sources are reindexed, so any content that was marked as partially indexed is reprocessed to make it fully and quickly searchable." # Add non-custodial data sources to an eDiscovery (Premium) case |
compliance | Ome Message Access Logs | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ome-message-access-logs.md | Title: "Encrypted message portal activity log" +description: "Access logs are available for encrypted messages retrieved through the encrypted message portal." f1.keywords: - NOCSH +- tier1 - M365-security-compliance+- audit search.appverid: - MET150-description: "Access logs are available for encrypted messages retrieved through the encrypted message portal." # Encrypted message portal activity log by Microsoft Purview Advanced Message Encryption |
compliance | Overview Ediscovery 20 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/overview-ediscovery-20.md | Title: "Overview of the eDiscovery (Premium) solution in Microsoft Purview" +description: "Learn about the eDiscovery (Premium) solution in Microsoft Purview. This article provides an overview of eDiscovery (Premium) in Microsoft Purview, a tool to help you manage internal and external investigations. It also frames the business reasons for using eDiscovery (Premium) to manage your legal investigations." f1.keywords: - NOCSH +- tier1 - m365-security-compliance - m365solution-aed-- m365initiative-compliance - m365solution-overview+- ediscovery search.appverid: - MOE150 - MET150-description: "Learn about the eDiscovery (Premium) solution in Microsoft Purview. This article provides an overview of eDiscovery (Premium) in Microsoft Purview, a tool to help you manage internal and external investigations. It also frames the business reasons for using eDiscovery (Premium) to manage your legal investigations." |
compliance | Partially Indexed Items In Content Search | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/partially-indexed-items-in-content-search.md | Title: "Partially indexed items in Content Search" +description: "Learn about unindexed items in Exchange and SharePoint that you can include in an eDiscovery search that you run in the Microsoft Purview compliance portal." f1.keywords: - NOCSH f1_keywords: - 'ms.o365.cc.UnindexedItemsLearnMore' ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- ediscovery search.appverid: - SPO160 - MOE150 - MET150-description: "Learn about unindexed items in Exchange and SharePoint that you can include in an eDiscovery search that you run in the Microsoft Purview compliance portal." # Partially indexed items in eDiscovery |
compliance | Permissions Filtering For Content Search | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/permissions-filtering-for-content-search.md | Title: "Configure permissions filtering for eDiscovery" +description: "Use search permissions filtering to let eDiscovery managers search only a subset of mailboxes and sites in your organization." f1.keywords: - NOCSH +- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MET150-description: "Use search permissions filtering to let eDiscovery managers search only a subset of mailboxes and sites in your organization." |
compliance | Predictive Coding Apply Prediction Filter | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-apply-prediction-filter.md | Title: "Apply the prediction score filter to a review set" +description: "Use a prediction score filter to displays items that a predictive coding model as predicted as relevant or not relevant." f1.keywords: - NOCSH -description: "Use a prediction score filter to displays items that a predictive coding model as predicted as relevant or not relevant." ++- tier1 +- M365-security-compliance +- ediscovery # Apply a prediction score filter to a review set (preview) |
compliance | Predictive Coding Create Model | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-create-model.md | Title: "Create a predictive coding model in eDiscovery (Premium)" +description: "Learn how to create a predictive coding model in eDiscovery (Premium). This is the first step in using the machine learning capabilities in eDiscovery (Premium) to help you identify relevant and non-relevant content in a review set." f1.keywords: - NOCSH -description: "Learn how to create a predictive coding model in eDiscovery (Premium). This is the first step in using the machine learning capabilities in eDiscovery (Premium) to help you identify relevant and non-relevant content in a review set." ++- tier1 +- M365-security-compliance +- ediscovery # Create a predictive coding model (preview) |
compliance | Predictive Coding Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-overview.md | Title: "Predictive coding module for eDiscovery (Premium) (preview)" +description: "The new predictive coding module in eDiscovery (Premium) uses machine learning to analyze items in a review set to predictive which the items that are relevant to your case or investigation." f1.keywords: - NOCSH -description: "The new predictive coding module in eDiscovery (Premium) uses machine learning to analyze items in a review set to predictive which the items that are relevant to your case or investigation." ++- tier1 +- M365-security-compliance +- ediscovery # Learn about predictive coding in eDiscovery (Premium) (preview) |
compliance | Predictive Coding Quick Start | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-quick-start.md | Title: "Predictive coding in eDiscovery (Premium) - Quick start" +description: "Learn how to get started using the predictive coding module in eDiscovery (Premium). This article walks you through the end-to-end process of using predictive coding to identify content in a review set that's most relevant to your investigation." f1.keywords: - NOCSH -description: "Learn how to get started using the predictive coding module in eDiscovery (Premium). This article walks you through the end-to-end process of using predictive coding to identify content in a review set that's most relevant to your investigation." ++- tier1 +- M365-security-compliance +- ediscovery # Quick start: Predictive coding in eDiscovery (Premium) (preview) |
compliance | Predictive Coding Reference | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-reference.md | Title: "Predictive coding reference" +description: "Learn about the key concepts and metrics of the predictive coding tool in Microsoft Purview eDiscovery (Premium)." f1.keywords: - NOCSH -description: "Learn about the key concepts and metrics of the predictive coding tool in Microsoft Purview eDiscovery (Premium)." ++- tier1 +- M365-security-compliance +- ediscovery # Predictive coding reference (preview) |
compliance | Predictive Coding Train Model | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-train-model.md | Title: "Train a predictive coding model in eDiscovery (Premium)" +description: "Learn about performing the first training round for predictive coding." f1.keywords: - NOCSH -description: "Learn about performing the first training round for predictive coding." ++- tier1 +- M365-security-compliance +- ediscovery # Train a predictive coding model (preview) |
compliance | Preserve Bcc And Expanded Distribution Group Recipients For Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/preserve-bcc-and-expanded-distribution-group-recipients-for-ediscovery.md | Title: "Preserve Bcc and expanded distribution group recipients for eDiscovery" +description: "In-Place Hold, Litigation Hold, and Microsoft 365 retention policies allow you to preserve mailbox content to meet regulatory compliance and eDiscovery requirements." f1.keywords: - NOCSH audience: ITPro ms.localizationpriority: medium-description: "In-Place Hold, Litigation Hold, and Microsoft 365 retention policies allow you to preserve mailbox content to meet regulatory compliance and eDiscovery requirements." ++- tier1 +- M365-security-compliance +- ediscovery # Preserve Bcc and expanded distribution group recipients for eDiscovery |
compliance | Preview Ediscovery Search Results | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/preview-ediscovery-search-results.md | Title: "Preview the results of an eDiscovery search" +description: "Preview a sample of the results returned by a Content search or a eDiscovery (Standard) search in the Microsoft Purview compliance portal." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: high--- Strat_O365_IP++- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MED150 - MET150 - seo-marvel-apr2020-description: "Preview a sample of the results returned by a Content search or a eDiscovery (Standard) search in the Microsoft Purview compliance portal." # Preview eDiscovery search results |
compliance | Privileged Access Management Configuration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/privileged-access-management-configuration.md | ms.localizationpriority: medium search.appverid: - MET150 -- Strat_O365_IP+- tier3 - m365-security-compliance - m365solution-insiderrisk-- m365initiative-compliance - Ent_Solutions - seo-marvel-apr2020 |
compliance | Privileged Access Management Solution Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/privileged-access-management-solution-overview.md | +- tier3 - m365-security-compliance - m365solution-insiderrisk-- m365initiative-compliance - m365solution-scenario |
compliance | Privileged Access Management | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/privileged-access-management.md | ms.localizationpriority: medium search.appverid: - MET150 -- Strat_O365_IP+- highpri +- tier3 - m365-security-compliance - m365solution-insiderrisk-- m365initiative-compliance - Ent_Solutions - seo-marvel-apr2020 |
compliance | Processing Data For Case | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/processing-data-for-case.md | Title: "Work with processing errors in eDiscovery (Premium)" +description: "Overview about processing various forms of data in eDiscovery (Premium)." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium- search.appverid: - MOE150 - MET150 - seo-marvel-apr2020-description: "Overview about processing various forms of data in eDiscovery (Premium)." ++- tier1 +- M365-security-compliance +- ediscovery # Work with processing errors in eDiscovery (Premium) |
compliance | Purview Compliance | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/purview-compliance.md | +- tier1 +- m365-security-compliance # Microsoft Purview risk and compliance solutions |
compliance | Record Versioning | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/record-versioning.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Records Management | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/records-management.md | +- tier1 search.appverid: - MOE150 - MET150 |
compliance | Recover An Inactive Mailbox | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/recover-an-inactive-mailbox.md | Last updated audience: Admin -++- M365-security-compliance +- tier2 ms.localizationpriority: medium search.appverid: - MOE150 |
compliance | Restore An Inactive Mailbox | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/restore-an-inactive-mailbox.md | Last updated audience: Admin -++- M365-security-compliance +- tier2 ms.localizationpriority: medium search.appverid: - MOE150 |
compliance | Retention Cmdlets | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-cmdlets.md | +- tier1 - SPO_Content-- m365initiative-compliance description: Identify the PowerShell cmdlets for Microsoft 365 retention that support configuration at-scale, automation, or might be needed for advanced configuration scenarios. |
compliance | Retention Flowchart | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-flowchart.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Retention Limits | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-limits.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Retention Policies Exchange | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-exchange.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Retention Policies Sharepoint | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-sharepoint.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Retention Policies Teams | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-teams.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Retention Policies Yammer | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-yammer.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Retention Preservation Lock | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-preservation-lock.md | Last updated audience: Admin -++- M365-security-compliance +- tier1 ms.localizationpriority: high search.appverid: - MOE150 |
compliance | Retention Regulatory Requirements | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-regulatory-requirements.md | Last updated audience: Admin -++- M365-security-compliance +- tier1 ms.localizationpriority: high search.appverid: - MOE150 |
compliance | Retention Settings | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-settings.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Retention | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention.md | +- tier1 - SPO_Content-- m365initiative-compliance search.appverid: - MOE150 - MET150 |
compliance | Retry Failed Content Search | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retry-failed-content-search.md | Title: "Retry a Content Search to resolve a content location error" +description: During an investigation, you can use the Retry button to resolve Content Searches that have content location errors. f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- content-search search.appverid: - MOE150 - MET150-description: During an investigation, you can use the Retry button to resolve Content Searches that have content location errors. |
compliance | Review Set Search | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/review-set-search.md | Title: "Query the content in a review set" +description: "Learn how to create and run a query in a review set to organize content for a more efficient review in a Microsoft Purview eDiscovery (Premium) case." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Learn how to create and run a query in a review set to organize content for a more efficient review in a Microsoft Purview eDiscovery (Premium) case." |
compliance | Search And Delete Teams Chat Messages | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-and-delete-Teams-chat-messages.md | Title: "Search for and delete chat messages in Teams" +description: "Use eDiscovery (Premium) and the Microsoft Graph Explorer to search for and purge chat messages in Microsoft Teams, and respond to data spillage incidents in Teams." f1.keywords: - NOCSH +- tier1 - M365-security-compliance+- ediscovery search.appverid: - MOE150 - MET150-description: "Use eDiscovery (Premium) and the Microsoft Graph Explorer to search for and purge chat messages in Microsoft Teams, and respond to data spillage incidents in Teams." # Search and purge chat messages in Teams (Preview) |
compliance | Search Cloud Based Mailboxes For On Premises Users | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-cloud-based-mailboxes-for-on-premises-users.md | Title: "Search for Teams chat data for on-premises users" +description: "Admins can use eDiscovery tools in Microsoft 365 to search for and export Teams chat data for on-premises users in an Exchange hybrid deployment." f1.keywords: - NOCSH Last updated audience: Admin -++- tier1 +- M365-security-compliance +- ediscovery ms.localizationpriority: high search.appverid: - MOE150 - MST160 - MET150-description: "Admins can use eDiscovery tools in Microsoft 365 to search for and export Teams chat data for on-premises users in an Exchange hybrid deployment." |
compliance | Search For And Delete Messages In Your Organization | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-and-delete-messages-in-your-organization.md | Title: "Search for and delete email messages in your organization" +description: "Use the search and purge feature in the Microsoft Purview compliance portal to search for and delete an email message from all mailboxes in your organization." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: high--- Strat_O365_IP++- tier1 - M365-security-compliance+- content-search search.appverid: - MOE150 - MET150-description: "Use the search and purge feature in the Microsoft Purview compliance portal to search for and delete an email message from all mailboxes in your organization." # Search for and delete email messages |
compliance | Search For Content In Core Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-content-in-core-ediscovery.md | Title: "Search for content in a eDiscovery (Standard) case" +description: "Search for content that may be relevant to a eDiscovery (Standard) case." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MET150-description: "Search for content that may be relevant to a eDiscovery (Standard) case." # Search for content in a eDiscovery (Standard) case |
compliance | Search For Content | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-content.md | Title: "Search for content" +description: "Use the Content search eDiscovery tool in the Microsoft Purview compliance portal to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-description: "Use the Content search eDiscovery tool in the Microsoft Purview compliance portal to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business." ++- highpri +- tier1 +- M365-security-compliance +- content-search # Search for content using the Content search tool |
compliance | Search For Ediscovery Activities In The Audit Log | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-ediscovery-activities-in-the-audit-log.md | Title: "Search for eDiscovery activities in the audit log" +description: Learn what events are logged when users assigned eDiscovery permissions perform Content search, eDiscovery (Standard), and eDiscovery (Premium) tasks in the Microsoft Purview compliance portal. f1.keywords: - NOCSH Last updated 05/10/2022 audience: Admin -++- tier1 +- M365-security-compliance +- ediscovery ms.localizationpriority: medium search.appverid: - MOE150 - MET150-description: Learn what events are logged when users assigned eDiscovery permissions perform Content search, eDiscovery (Standard), and eDiscovery (Premium) tasks in the Microsoft Purview compliance portal. |
compliance | Search The Audit Log In Security And Compliance | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance.md | Title: "Search the audit log in the Microsoft Purview compliance portal" +description: "Use the Microsoft Purview compliance portal to search the unified audit log to view user and administrator activity in your organization." f1.keywords: - NOCSH +- tier1 - M365-security-compliance-- SPO_Content+- audit search.appverid: - MOE150 - MET150-description: "Use the Microsoft Purview compliance portal to search the unified audit log to view user and administrator activity in your organization." - seo-marvel-apr2020 - admindeeplinkMAC |
compliance | Search The Mailbox And Onedrive For Business For A List Of Users | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-the-mailbox-and-onedrive-for-business-for-a-list-of-users.md | Title: Use Content Search for a list of users on the mailbox & OneDrive for Business site +description: "Use Content Search and the script in this article to search the mailboxes and OneDrive for Business sites for a group of users." f1.keywords: - NOCSH audience: Admin +- tier1 - M365-security-compliance-- SPO_Content+- content-search ms.localizationpriority: medium search.appverid: - MOE150 - MET150-description: "Use Content Search and the script in this article to search the mailboxes and OneDrive for Business sites for a group of users." |
compliance | Sensitivity Labels Aip | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-aip.md | +- tier1 search.appverid: - MOE150 - MET150 |
compliance | Sensitivity Labels Coauthoring | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-coauthoring.md | Last updated ms.localizationpriority: high - M365-security-compliance+- tier1 description: "Turn on a setting that enables co-authoring and AutoSave in desktop apps for labeled and encrypted documents in SharePoint and OneDrive." |
compliance | Sensitivity Labels Default Sharing Link | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-default-sharing-link.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Sensitivity Labels Office Apps | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-office-apps.md | audience: Admin ms.localizationpriority: high-++- M365-security-compliance +- tier1 search.appverid: - MOE150 - MET150 |
compliance | Sensitivity Labels Sharepoint Default Label | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-sharepoint-default-label.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Sensitivity Labels Sharepoint Onedrive Files | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-sharepoint-onedrive-files.md | +- tier1 - SPO_Content search.appverid: - MOE150 |
compliance | Sensitivity Labels Teams Groups Sites | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-teams-groups-sites.md | +- tier1 - SPO_Content search.appverid: |
compliance | Sensitivity Labels | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels.md | +- tier1 - SPO_Content - m365solution-mip-- m365initiative-compliance search.appverid: - MOE150 - MET150 |
compliance | Set Up Advanced Audit | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-advanced-audit.md | Title: "Set up Audit (Premium) in Microsoft 365" +description: "This article describes how to set up Audit (Premium) so you can perform forensic investigations when user accounts are compromised or to investigation other security-related incidents." f1.keywords: - NOCSH +- tier1 - M365-security-compliance - m365solution-audit-- m365initiative-compliance - m365solution-scenario+- audit search.appverid: - MOE150 - MET150-description: "This article describes how to set up Audit (Premium) so you can perform forensic investigations when user accounts are compromised or to investigation other security-related incidents." # Set up Microsoft Purview Audit (Premium) |
compliance | Set Up An Archive And Deletion Policy For Mailboxes | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-an-archive-and-deletion-policy-for-mailboxes.md | +- tier1 search.appverid: - MOE150 - MED150 |
compliance | Set Up Basic Audit | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-basic-audit.md | +- tier1 - M365-security-compliance - m365solution-audit-- m365initiative-compliance-- m365solution-scenario+- audit search.appverid: - MOE150 |
compliance | Set Up Compliance Boundaries | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-compliance-boundaries.md | Title: "Set up compliance boundaries for eDiscovery investigations" +description: "Learn how to use compliance boundaries to create logical boundaries that control the user content locations that an eDiscovery manager can search in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance-- SPO_Content+- ediscovery search.appverid: - MOE150 - MET150-description: "Learn how to use compliance boundaries to create logical boundaries that control the user content locations that an eDiscovery manager can search in Microsoft 365." |
compliance | Single Item Error Remediation | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/single-item-error-remediation.md | Title: "Single item error remediation" +description: "You can fix a processing error in a document in a review set in eDiscovery (Premium) without having to follow the bulk error remediation process." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150--description: "You can fix a processing error in a document in a review set in eDiscovery (Premium) without having to follow the bulk error remediation process." # Single item error remediation in eDiscovery (Premium) |
compliance | Smart Tags | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/smart-tags.md | Title: "Set up smart tags in eDiscovery (Premium)" +description: "Smart tags let you apply the machine learning capabilities when reviewing content in an eDiscovery (Premium) case. Use smart tag groups to display the results of machine learning detection models, such as the attorney-client privilege model." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150 -description: "Smart tags let you apply the machine learning capabilities when reviewing content in an eDiscovery (Premium) case. Use smart tag groups to display the results of machine learning detection models, such as the attorney-client privilege model." # Set up smart tags in eDiscovery (Premium) |
compliance | Supported Filetypes Ediscovery20 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/supported-filetypes-ediscovery20.md | Title: "Supported file types in eDiscovery (Premium)" +description: "A list of supported file types in Microsoft 365 eDiscovery (Premium), including image file types supported by the OCR functionality in eDiscovery (Premium)." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "A list of supported file types in Microsoft 365 eDiscovery (Premium), including image file types supported by the OCR functionality in eDiscovery (Premium)." |
compliance | Tagging And Relevance Training In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/tagging-and-relevance-training-in-advanced-ediscovery.md | Title: "Tagging and Relevance training in eDiscovery (Premium)" +description: "Learn the steps to tag and then work with a training sample of 40 files during the Relevance training stage of eDiscovery (Premium)." f1.keywords: - NOCSH ms.localizationpriority: medium search.appverid: - MOE150 - MET150++- tier1 +- M365-security-compliance +- ediscovery -description: "Learn the steps to tag and then work with a training sample of 40 files during the Relevance training stage of eDiscovery (Premium)." # Tagging and Relevance training in eDiscovery (Premium) |
compliance | Tagging Documents | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/tagging-documents.md | Title: "Tag documents in a review set" +description: "Tagging documents in a review set helps remove unnecessary content and identify relevant content in an eDiscovery (Premium) case." f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Tagging documents in a review set helps remove unnecessary content and identify relevant content in an eDiscovery (Premium) case." |
compliance | Teams Workflow In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/teams-workflow-in-advanced-ediscovery.md | Title: "Teams workflow in eDiscovery (Premium)" +description: "Learn how to preserve, collect, review, and export content from Microsoft Teams in eDiscovery (Premium)." f1.keywords: - NOCSH -description: "Learn how to preserve, collect, review, and export content from Microsoft Teams in eDiscovery (Premium)." ++- highpri +- tier1 +- M365-security-compliance # eDiscovery (Premium) workflow for content in Microsoft Teams |
compliance | Test Relevance Analysis In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/test-relevance-analysis-in-advanced-ediscovery.md | Title: Test Relevance analysis in eDiscovery (Premium) +description: "Learn how to use the Test tab after Batch calculation in eDiscovery (Premium) to test, compare, and validate the overall quality of processing." f1.keywords: - NOCSH Previously updated : audience: Admin ms.localizationpriority: medium search.appverid: - MOE150 - MET150++- tier1 +- M365-security-compliance +- ediscovery -description: "Learn how to use the Test tab after Batch calculation in eDiscovery (Premium) to test, compare, and validate the overall quality of processing." # Test Relevance analysis in eDiscovery (Premium) |
compliance | Themes In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/themes-in-advanced-ediscovery.md | Title: Themes in eDiscovery (Premium) +description: "Use Themes in eDiscovery (Premium) to organize review sets by finding the dominant theme in each document." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Use Themes in eDiscovery (Premium) to organize review sets by finding the dominant theme in each document." |
compliance | Track Relevance Analysis In Advanced Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/track-relevance-analysis-in-advanced-ediscovery.md | Title: "Track Relevance analysis in eDiscovery (Premium)" +description: "Learn how to view and interpret the Relevance training status and results for case issues in eDiscovery (Premium)." f1.keywords: - NOCSH ms.localizationpriority: medium search.appverid: - MOE150 - MET150++- tier1 +- M365-security-compliance +- ediscovery -description: "Learn how to view and interpret the Relevance training status and results for case issues in eDiscovery (Premium)." # Track Relevance analysis in eDiscovery (Premium) |
compliance | Troubleshooting Azcopy | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/troubleshooting-azcopy.md | Title: "Troubleshoot AzCopy in eDiscovery (Premium)" +description: Troubleshoot errors for Azure AzCopy when loading non-Office 365 data for error remediation in eDiscovery (Premium). f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: Troubleshoot errors for Azure AzCopy when loading non-Office 365 data for error remediation in eDiscovery (Premium). - seo-marvel-mar2020 - seo-marvel-apr2020 |
compliance | Turn Audit Log Search On Or Off | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/turn-audit-log-search-on-or-off.md | Title: "Turn auditing on or off" +description: How to turn on or off the Audit log search feature in the Microsoft Purview compliance portal to enable or disable the ability of admins to search the audit log. f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- audit search.appverid: - MOE150 - MED150 - MET150 -description: How to turn on or off the Audit log search feature in the Microsoft Purview compliance portal to enable or disable the ability of admins to search the audit log. # Turn auditing on or off |
compliance | Use A Script To Add Users To A Hold In Ediscovery | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-a-script-to-add-users-to-a-hold-in-ediscovery.md | Title: "Use a script to add users to a hold in a eDiscovery (Standard) case" +description: "Learn how to run a script to add mailboxes & OneDrive for Business sites to a new hold associated with an eDiscovery case in the Microsoft Purview compliance portal." f1.keywords: - NOCSH audience: Admin -- SPO_Content+- tier1 +- M365-security-compliance +- ediscovery ms.localizationpriority: medium search.appverid: - MOE150 - MED150 - MBS150 - MET150 - seo-marvel-apr2020 - admindeeplinkSPO-description: "Learn how to run a script to add mailboxes & OneDrive for Business sites to a new hold associated with an eDiscovery case in the Microsoft Purview compliance portal." # Use a script to add users to a hold in a eDiscovery (Standard) case |
compliance | Use Content Search For Targeted Collections | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-content-search-for-targeted-collections.md | Title: "Use Content search for targeted collections" +description: "Use Content search in the Microsoft Purview compliance portal to perform a targeted collection, which searches for items in a specific mailbox or site folder." f1.keywords: - NOCSH audience: Admin +- tier1 - M365-security-compliance-- SPO_Content+- content-search ms.localizationpriority: medium search.appverid: - MOE150 - MET150 -description: "Use Content search in the Microsoft Purview compliance portal to perform a targeted collection, which searches for items in a specific mailbox or site folder." # Use Content search for targeted collections |
compliance | Use Content Search To Search Third Party Data That Was Imported | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-content-search-to-search-third-party-data-that-was-imported.md | Title: "Use Content Search to search third-party imported data" +description: Use the Content Search eDiscovery tool to search for items imported to mailboxes in Microsoft 365 from a third-party data source by creating queries. f1.keywords: - NOCSH Last updated audience: Admin -++- tier1 +- M365-security-compliance +- content-search ms.localizationpriority: medium search.appverid: - MOE150 - MET150-description: Use the Content Search eDiscovery tool to search for items imported to mailboxes in Microsoft 365 from a third-party data source by creating queries. |
compliance | Use Drive Shipping To Import Pst Files To Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-drive-shipping-to-import-pst-files-to-office-365.md | Title: "Use drive shipping to import PST files" +description: Admin can learn how to bulk-import PST files to Microsoft 365 mailboxes by copying PST files to a hard drive and then shipping it to Microsoft. f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium--- Strat_O365_IP++- tier1 - M365-security-compliance+- import search.appverid: - MOE150 - MET150 -description: Admin can learn how to bulk-import PST files to Microsoft 365 mailboxes by copying PST files to a hard drive and then shipping it to Microsoft. # Use drive shipping to import your organization's PST files |
compliance | Use Network Upload To Import Pst Files | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-network-upload-to-import-pst-files.md | Title: "Use network upload to import PST files" +description: "For administrators: Learn how to use network upload to bulk-import multiple PST files to user mailboxes in Microsoft 365." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: high--- Strat_O365_IP++- tier1 - M365-security-compliance+- import search.appverid: - MOE150 - MED150 - MET150-description: "For administrators: Learn how to use network upload to bulk-import multiple PST files to user mailboxes in Microsoft 365." After the PST files have been uploaded to the Azure Storage location for your or 3. Use the information in the following table to populate the CSV file with the required information. - | Parameter | Description | Example | - |:--|:--|:--| - | `Workload` <br/> |Specifies the service that data will be imported to. To import PST files to user mailboxes, use `Exchange`. <br/> | `Exchange` <br/> | - | `FilePath` <br/> |Specifies the folder location in the Azure Storage location that you uploaded the PST files to in Step 2. <br/> If you didn't include an optional subfolder name in the SAS URL in the `/Dest:` parameter in Step 2, leave this parameter blank in the CSV file. If you included a subfolder name, specify it in this parameter (see the second example). The value for this parameter is case-sensitive. <br/> Either way, *don't* include "ingestiondata" in the value for the `FilePath` parameter. <br/><br/> **Important:** The case for the file path name must be the same as the case you used if you included an optional subfolder name in the SAS URL in the destination field in Step 2. For example, if you used `PSTFiles` for the subfolder name in Step 2 and then use `pstfiles` in the `FilePath` parameter in CSV file, the import for the PST file will fail. Be sure to use the same case in both instances. <br/> |(leave blank) <br/> Or <br/> `PSTFiles` <br/> | - | `Name` <br/> |Specifies the name of the PST file that will be imported to the user mailbox. The value for this parameter is case-sensitive. The file name of each PST file in the mapping file for an import job must be unique. <br/> <br/>**Important:** The case for the PST file name in the CSV file must be the same as the PST file that was uploaded to the Azure Storage location in Step 2. For example, if you use `annb.pst` in the `Name` parameter in the CSV file, but the name of the actual PST file is `AnnB.pst`, the import for that PST file will fail. Be sure that the name of the PST in the CSV file uses the same case as the actual PST file. <br/> | `annb.pst` <br/> | - | `Mailbox` <br/> |Specifies the email address of the mailbox that the PST file will be imported to. You can't specify a public folder or unified group because the PST Import Service doesn't support importing PST files or unified groups to public folders. <br/> To import a PST file to an inactive mailbox, you have to specify the mailbox GUID for this parameter. To obtain this GUID, run the following PowerShell command in Exchange Online: `Get-Mailbox <identity of inactive mailbox> -InactiveMailboxOnly`. | `FL Guid` <br/> **Note:** Sometimes you might have multiple mailboxes with the same email address, where one mailbox is an active mailbox and the other mailbox is in a soft-deleted (or inactive) state. In these situations, you have to specify the mailbox GUID to uniquely identify the mailbox to import the PST file to. To obtain this GUID for active mailboxes, run the following PowerShell command: `Get-Mailbox <identity of active mailbox>`. | `FL Guid`. To obtain the GUID for soft-deleted (or inactive) mailboxes, run this command `Get-Mailbox \<identity of soft-deleted or inactive mailbox\> -SoftDeletedMailbox | FL Guid`. <br/> | `annb@contoso.onmicrosoft.com` <br/> Or <br/> `2d7a87fe-d6a2-40cc-8aff-1ebea80d4ae7` <br/> | + |**Parameter**|**Description**|**Example**| + |:|:--|:-| + |`Workload`|Specifies the service that data will be imported to. To import PST files to user mailboxes, use `Exchange`.| `Exchange`| + |`FilePath`|Specifies the folder location in the Azure Storage location that you uploaded the PST files to in Step 2. <br/> If you didn't include an optional subfolder name in the SAS URL in the `/Dest:` parameter in Step 2, leave this parameter blank in the CSV file. If you included a subfolder name, specify it in this parameter (see the second example). The value for this parameter is case-sensitive. <br/> Either way, *don't* include "ingestiondata" in the value for the `FilePath` parameter. <br/><br/> **Important:** The case for the file path name must be the same as the case you used if you included an optional subfolder name in the SAS URL in the destination field in Step 2. For example, if you used `PSTFiles` for the subfolder name in Step 2 and then use `pstfiles` in the `FilePath` parameter in CSV file, the import for the PST file will fail. Be sure to use the same case in both instances. |(leave blank) <br/> Or <br/> `PSTFiles` | + |`Name`|Specifies the name of the PST file that will be imported to the user mailbox. The value for this parameter is case-sensitive. The file name of each PST file in the mapping file for an import job must be unique. <br/> <br/>**Important:** The case for the PST file name in the CSV file must be the same as the PST file that was uploaded to the Azure Storage location in Step 2. For example, if you use `annb.pst` in the `Name` parameter in the CSV file, but the name of the actual PST file is `AnnB.pst`, the import for that PST file will fail. Be sure that the name of the PST in the CSV file uses the same case as the actual PST file.| `annb.pst`| + |`Mailbox`|Specifies the email address of the mailbox that the PST file will be imported to. You can't specify a public folder or unified group because the PST Import Service doesn't support importing PST files or unified groups to public folders. <br/> To import a PST file to an inactive mailbox, you have to specify the mailbox GUID for this parameter. To obtain this GUID, run the following PowerShell command in Exchange Online: `Get-Mailbox <identity of inactive mailbox> -InactiveMailboxOnly FL Guid`. | **Note:** Sometimes you might have multiple mailboxes with the same email address, where one mailbox is an active mailbox and the other mailbox is in a soft-deleted (or inactive) state. In these situations, you have to specify the mailbox GUID to uniquely identify the mailbox to import the PST file to. To obtain this GUID for active mailboxes, run the following PowerShell command: `Get-Mailbox <identity of active mailbox>`. <br/><br/>To obtain the GUID for soft-deleted (or inactive) mailboxes, run this command: `Get-Mailbox \<identity of soft-deleted or inactive mailbox\> -SoftDeletedMailbox FL Guid annb@contoso.onmicrosoft.com` <br/> Or <br/> `2d7a87fe-d6a2-40cc-8aff-1ebea80d4ae7` <br/> | | `IsArchive` <br/> | Specifies whether to import the PST file to the user's archive mailbox. There are two options: <br/><br/>**FALSE:** Imports the PST file to the user's primary mailbox. <br/> **TRUE:** Imports the PST file to the user's archive mailbox. This assumes that the [user's archive mailbox is enabled](enable-archive-mailboxes.md). <br/><br/>If you set this parameter to `TRUE` and the user's archive mailbox isn't enabled, the import for that user will fail. If an import fails for one user (because their archive isn't enabled and this property is set to `TRUE`), the other users in the import job won't be affected. <br/> If you leave this parameter blank, the PST file is imported to the user's primary mailbox. <br/> <br/>**Note:** To import a PST file to a cloud-based archive mailbox for a user whose primary mailbox is on-premises, just specify `TRUE` for this parameter and specify the email address for the user's on-premises mailbox for the `Mailbox` parameter. <br/> | `FALSE` <br/> Or <br/> `TRUE` <br/> | | `TargetRootFolder` <br/> | Specifies the mailbox folder that the PST file is imported to. <br/> <br/> If you leave this parameter blank, the PST file will be imported to a new folder named **Imported** at the root level of the mailbox (the same level as the Inbox folder and the other default mailbox folders). <br/> <br/> If you specify `/`, the folders and items in the PST file are imported to the top of the folder structure in the target mailbox or archive. If a folder exists in the target mailbox (for example, default folders such as Inbox, Sent Items, and Deleted Items), the items in that folder in the PST are merged into the existing folder in the target mailbox. For example, if the PST file contains an Inbox folder, items in that folder are imported to the Inbox folder in the target mailbox. New folders are created if they don't exist in the folder structure for the target mailbox. <br/><br/> If you specify `/<foldername>`, items and folders in the PST file are imported to a folder named *\<foldername\>* . For example, if you use `/ImportedPst`, items would be imported to a folder named **ImportedPst**. This folder will be located in the user's mailbox at the same level as the Inbox folder. <br/><br/> **Tip:** Consider running a few test batches to experiment with this parameter so you can determine the best folder location to import PST files. <br/> |(leave blank) <br/> Or <br/> `/` <br/> Or <br/> `/ImportedPst` <br/> | | `ContentCodePage` <br/> |This optional parameter specifies a numeric value for the code page to use for importing PST files in the ANSI file format. This parameter is used for importing PST files from Chinese, Japanese, and Korean (CJK) organizations because these languages typically use a double byte character set (DBCS) for character encoding. If this parameter isn't used to import PST files for languages that use DBCS for mailbox folder names, the folder names are often garbled after they're imported. <br/><br/> For a list of supported values to use for this parameter, see [Code Page Identifiers](/windows/win32/intl/code-page-identifiers). <br/> <br/>**Note:** As previously stated, this is an optional parameter and you don't have to include it in the CSV file. Or you can include it and leave the value blank for one or more rows. <br/> |(leave blank) <br/> Or <br/> `932` (which is the code page identifier for ANSI/OEM Japanese) <br/> | |
compliance | Use Sharing Auditing | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-sharing-auditing.md | Title: "Use sharing auditing in the audit log" +description: Admin can learn how to use sharing auditing in the Microsoft 365 audit log to identify resources shared with users outside of their organization. f1.keywords: - NOCSH search.appverid: - MOE150 - BCS160 - MET150-++- tier1 - M365-security-compliance-- SPO_Content-description: Admin can learn how to use sharing auditing in the Microsoft 365 audit log to identify resources shared with users outside of their organization. +- audit |
compliance | Use Your Free Azure Ad Subscription In Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-your-free-azure-ad-subscription-in-office-365.md | Title: "Use your free Azure Active Directory subscription" f1.keywords: - NOCSH--++ Last updated audience: Admin |
compliance | Using Communications Editor | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/using-communications-editor.md | Title: "Use the communications editor" +description: Use the Communications Editor to change text and merge field variables when formatting your content. f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150--description: Use the Communications Editor to change text and merge field variables when formatting your content. |
compliance | View Custodian Activity | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/view-custodian-activity.md | Title: "View custodian audit activity" +description: Use the eDiscovery (Premium) Custodian Management tool to easily access and search the activity for custodians within your case. f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: Use the eDiscovery (Premium) Custodian Management tool to easily access and search the activity for custodians within your case. - seo-marvel-mar2020 - admindeeplinkEXCHANGE |
compliance | View Documents In Review Set | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/view-documents-in-review-set.md | Title: View documents in a review set in eDiscovery (Premium) +description: "Choose how you view content in eDiscovery (Premium), such as text, annotate, converted, or native view." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MET150-description: "Choose how you view content in eDiscovery (Premium), such as text, annotate, converted, or native view." |
compliance | View Keyword Statistics For Content Search | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/view-keyword-statistics-for-content-search.md | Title: "View statistics for eDiscovery search results" +description: "Learn how to use the search statistics feature to display statistics for Content searches and searches associated with a eDiscovery (Standard) case in the Microsoft Purview compliance portal." f1.keywords: - NOCSH ms.localizationpriority: medium search.appverid: - MOE150 - MET150-description: "Learn how to use the search statistics feature to display statistics for Content searches and searches associated with a eDiscovery (Standard) case in the Microsoft Purview compliance portal." ++- tier1 +- M365-security-compliance +- ediscovery # View statistics for eDiscovery search results |
compliance | What Is Stored In Exo Mailbox | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/what-is-stored-in-exo-mailbox.md | Title: "Content stored in Exchange Online mailboxes" +description: "Content produced by cloud-based apps in Microsoft 365 is stored or associated with a user's Exchange Online mailbox. This content can be searched using Microsoft eDiscovery tools." f1.keywords: - NOCSH audience: Admin ms.localizationpriority: medium-++- tier1 +- M365-security-compliance +- ediscovery search.appverid: - MOE150 - MED150 - MET150-description: "Content produced by cloud-based apps in Microsoft 365 is stored or associated with a user's Exchange Online mailbox. This content can be searched using Microsoft eDiscovery tools." # Content stored in Exchange Online mailboxes for eDiscovery |
compliance | Work With Partner To Archive Third Party Data | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/work-with-partner-to-archive-third-party-data.md | Title: "Work with a partner to archive third-party data" +description: Learn how to set up a custom connector to import third-party data from data sources such as Salesforce Chatter, Yahoo Messenger, or Yammer. f1.keywords: - NOCSH +- tier1 +- M365-security-compliance +- data-connectors - seo-marvel-apr2020 - admindeeplinkEXCHANGE-description: Learn how to set up a custom connector to import third-party data from data sources such as Salesforce Chatter, Yahoo Messenger, or Yammer. + # Work with a partner to archive third-party data |
enterprise | Microsoft 365 Isolation In Azure Active Directory | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-isolation-in-azure-active-directory.md | Title: "Microsoft 365 Isolation and Access Control in Azure Active Directory"--++ audience: ITPro |
enterprise | Microsoft 365 Isolation In Microsoft 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-isolation-in-microsoft-365.md | Title: "Isolation and Access Control in Microsoft 365"--++ audience: ITPro |
enterprise | Privileged Access Microsoft 365 Enterprise Dev Test Environment | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/privileged-access-microsoft-365-enterprise-dev-test-environment.md | Title: "Privileged access management for your Microsoft 365 for enterprise test environment" f1.keywords: - NOCSH--++ audience: ITPro ms.localizationpriority: medium--- Ent_O365-- Strat_O365_Enterprise+ +- tier3 - M365-security-compliance description: Use this Test Lab Guide to enable privileged access management your Microsoft 365 for enterprise test environment. |
security | Alerts | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/alerts.md | search.appverid: met150 |relatedUser|String|Details of user related to a specific alert.| |severity|Enum|Severity of the alert. Possible values are: 'UnSpecified', 'Informational', 'Low', 'Medium' and 'High'.| |status|Enum|Specifies the current status of the alert. Possible values are: 'Unknown', 'New', 'InProgress' and 'Resolved'.|-|classification|Nullable Enum|Specification of the alert. Possible values are: 'Unknown', 'FalsePositive', 'TruePositive'.| -|determination|Nullable Enum|Specifies the determination of the alert. Possible values are: 'NotAvailable', 'Apt', 'Malware', 'SecurityPersonnel', 'SecurityTesting', 'UnwantedSoftware', 'Other'.| +|classification|Nullable Enum|Specification of the alert. Possible values are: `TruePositive`, `Informational, expected activity`, and `FalsePositive`.| +|determination|Nullable Enum|Specifies the determination of the alert. <p>Possible determination values for each classification are: <br><li> <b>True positive</b>: `Multistage attack` (MultiStagedAttack), `Malicious user activity` (MaliciousUserActivity), `Compromised account` (CompromisedUser) ΓÇô consider changing the enum name in public api accordingly, `Malware` (Malware), `Phishing` (Phishing), `Unwanted software` (UnwantedSoftware), and `Other` (Other). <li> <b>Informational, expected activity:</b> `Security test` (SecurityTesting), `Line-of-business application` (LineOfBusinessApplication), `Confirmed activity` (ConfirmedUserActivity) - consider changing the enum name in public api accordingly, and `Other` (Other). <li> <b>False positive:</b> `Not malicious` (Clean) - consider changing the enum name in public api accordingly, `Not enough data to validate` (InsufficientData), and `Other` (Other).| |category|String|Category of the alert.| |detectionSource|String|Detection source.| |threatFamilyName|String|Threat family.| search.appverid: met150 |Evidence|List of Alert evidence|Evidence related to the alert. See example below.| >[!NOTE]->Around August 29th, 2022, previously supported alert determination values ('Apt' and 'SecurityPersonnel') will be deprecated and no longer available via the API. +>Around August 29, 2022, previously supported alert determination values ('Apt' and 'SecurityPersonnel') will be deprecated and no longer available via the API. ### Response example for getting single alert: |
security | Attack Surface Reduction Rules Deployment Operationalize | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-operationalize.md | Title: Operationalize attack surface reduction (ASR) rules description: Provides guidance to operationalize your attack surface reduction rules deployment. -keywords: Attack surface reduction rules deployment, ASR deployment, enable asr rules, configure ASR, host intrusion prevention system, protection rules, anti-exploit rules, anti-exploit, exploit rules, infection prevention rules, Microsoft Defender for Endpoint, configure ASR rules +keywords: Attack surface reduction (ASR) rules deployment, Microsoft ASR, manage defender ASR rules, monitor asr rules, asr rules advanced hunting, ASR rules report, asr rules false positives, configure ASR, host intrusion prevention system, protection rules, anti-exploit rules, anti-exploit, exploit rules, infection prevention rules, Microsoft Defender for Endpoint, configure ASR rules search.product: eADQiWindows 10XVcnh ms.mktglfcycl: manage ms.sitesec: library search.appverid: met150 # Operationalize attack surface reduction (ASR) rules -After you've fully deployed attack surface reduction (ASR) rules, it's vital that you have processes in place to monitor and respond to ASR-related activities. +After you've fully deployed attack surface reduction (ASR) rules, it's vital that you have processes in place to monitor and respond to ASR-related activities. Activities include: -## Managing false positives +## Managing ASR rules false positives False positives/negatives can occur with any threat protection solution. False positives are cases in which an entity (such as a file or process) is detected and identified as malicious, although the entity isn't actually a threat. In contrast, a false negative is an entity that wasn't detected as a threat but is malicious. For more information about false positives and false negatives, see: [Address false positives/negatives in Microsoft Defender for Endpoint](defender-endpoint-false-positives-negatives.md) -## Keeping up with reports +## Keeping up with ASR rules reports Consistent, regular review of reports is an essential aspect of maintaining your ASR rules deployment and keeping abreast of newly emerging threats. Your organization should have scheduled reviews of ASR rules events on a cadence that will keep current with ASR rules-reported events. Depending on the size of your organization, reviews might be daily, hourly, or continuous monitoring. -## Hunting +## ASR rules Advanced Hunting One of the most powerful features of [Microsoft 365 Defender](https://security.microsoft.com) is advanced hunting. If you're not familiar with advanced hunting, see: [Proactively hunt for threats with advanced hunting](/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview). -> [!div class="mx-imgBorder"] -> :::image type="content" source="images/asr-defender365-advanced-hunting2.png" alt-text="The Advanced Hunting page in the Microsoft 365 Defender portal" lightbox="images/asr-defender365-advanced-hunting2.png"::: +> :::image type="content" source="images/asr-defender365-advanced-hunting2.png" alt-text="The Advanced Hunting page in the Microsoft 365 Defender portal. Microsoft Defender for Endpoint (MDE) ASR rules, ASR rules advanced hunting, asr rules reports, asr rules false positives," lightbox="images/asr-defender365-advanced-hunting2.png"::: Advanced hunting is a query-based (Kusto Query Language) threat-hunting tool that lets you explore up to 30 days of the captured (raw) data that Microsoft Defender ATP Endpoint Detection and Response (EDR) collects from all your machines. Through advanced hunting, you can proactively inspect events in order to locate interesting indicators and entities. The flexible access to data facilitates unconstrained hunting for both known and potential threats. |
security | Attack Surface Reduction Rules Deployment Plan | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-plan.md | Title: Plan attack surface reduction (ASR) rules deployment description: Provides guidance to plan your attack surface reduction (ASR) rules deployment. -keywords: Attack surface reduction rules deployment, ASR deployment, enable asr rules, configure ASR, host intrusion prevention system, protection rules, anti-exploit rules, anti-exploit, exploit rules, infection prevention rules, Microsoft Defender for Endpoint, configure ASR rules +keywords: Attack surface reduction rules deployment, Microsoft Defender for Endpoint (MDE) ASR deployment, Defender ASR rules, enable asr rules, configure ASR, host intrusion prevention system, protection rules, anti-exploit rules, anti-exploit, exploit rules, infection prevention rules, Microsoft Defender for Endpoint, configure ASR rules search.product: eADQiWindows 10XVcnh ms.mktglfcycl: manage ms.sitesec: library search.appverid: met150 # Plan attack surface reduction (ASR) rules deployment -When testing attack surface reduction (ASR) rules it is important to start with the right business unit. You'll want to start with a small group of people in a specific business unit. You can identify some ASR champions within a particular business unit who can provide real-world impact about the ASR rules, and help you tune your implementation. +Before you test or enable Microsoft Defender for Endpoint (MDE) attack surface reduction (ASR) rules, you should plan how you will roll out your deployment. Careful planning will not only help testing and enabling your ASR rules deployment, but will also be of benefit when you configure ASR rules exceptions. When planning to test or enable attack surface reduction (ASR) rules it is important to start with the right business unit. You'll want to start with a small group of people in a specific business unit. You can identify some ASR champions within a particular business unit who can provide real-world impact about the ASR rules, and help you tune your implementation. -> [!div class="mx-imgBorder"] -> :::image type="content" source="images/asr-rules-planning-steps.png" alt-text="The ASR rules planning steps" lightbox="images/asr-rules-planning-steps.png"::: +> :::image type="content" source="images/asr-rules-planning-steps.png" alt-text="The ASR rules planning steps. Preparation before you test Microsoft Defender for Endpoint (MDE) ASR rules, or enable MDE ASR rules. " lightbox="images/asr-rules-planning-steps.png"::: -## Start with the right business unit +## Start your ASR rules deployment with the right business unit How you select the business unit to roll out your ASR rules deployment will depend on factors such as: How you select the business unit to roll out your ASR rules deployment will dep Depending on your business needs, you might decide to include multiple business units to get a broad sampling of software, shared folders, scripts, macros, etc. Conversely, you might decide to limit the scope of your first ASR rules rollout to a single business unit, then repeat the entire ASR rules rollout process to your other business units, one-at-a-time. -## Identify ASR rules champions +## Identify ASR rules champions ASR rules champions are members in your organization that will help with your initial ASR rules rollout during the preliminary testing and implementation phases. Your champions are typically employees who are more technically adept, and who are not derailed by intermittent work-flow outages. The champions' involvement will continue throughout the broader expansion of ASR rules deployment to your organization. Your ASR rules champions will be first to experience each level of the ASR rules rollout. It is important to provide a feedback and response channel for your ASR rules ch Having a full understanding of the applications and per-business-unit processes that are used across your organization is critical to a successful ASR rules deployment. Additionally, it is imperative that you understand how those apps are used within the various business units in your organization. To start, you should get an inventory of the apps that are approved for use across the breadth of the organization. You can use tools such as the Microsoft 365 Apps admin center to help you inventory software applications. See: [Overview of inventory in the Microsoft 365 Apps admin center](/deployoffice/admincenter/inventory). -## Define reporting and response team roles and responsibilities +## Define reporting and response ASR rules team roles and responsibilities Clearly articulating roles and responsibilities of persons responsible for monitoring and communicating ASR rules status and activity is a core activity of ASR maintenance. Therefore, it is important to determine: Typical roles and responsibilities include: - Certified security operations center (CSOC) analyst: Responsible for investing high-priority, blocked processes, to determine wither the threat is valid or not - Chief information security officer (CISO): Responsible for the overall security posture and health of the organization -## Ring deployment +## ASR rules ring deployment For large enterprises, Microsoft recommends deploying ASR rules in "rings." Rings are groups of devices that are visually represented as concentric circles that radiate outward like non-overlapping tree rings. When the innermost ring is successfully deployed, you can transition the next ring into the testing phase. Thorough assessment of your business units, ASR rules champions, apps, and processes is imperative to defining your rings. In most cases, your organization will have designed deployment rings for phased rollouts of Windows updates. You can use your existing ring design to implement ASR rules. |
security | Attack Surface Reduction Rules Deployment Test | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-test.md | Title: Test attack surface reduction (ASR) rules -description: Provides guidance to test your attack surface reduction (ASR) rules deployment. -keywords: Attack surface reduction rules deployment, ASR deployment, enable asr rules, configure ASR, host intrusion prevention system, protection rules, anti-exploit rules, anti-exploit, exploit rules, infection prevention rules, Microsoft Defender for Endpoint, configure ASR rules +description: Provides guidance to test your attack surface reduction (ASR) rules deployment. Microsoft Defender for Endpoint (MDE) ASR test includes, audit defender ASR rules, configure ASR rules using MEM, Microsoft ASR rules reporting, ASR rules exclusions, ASR rules event viewer. +keywords: Microsoft Defender for Endpoint (MDE) Attack surface reduction (ASR) rules deployment, Attack surface reduction guide, ASR deployment, test asr rules, ASR rules exclusions, Microsoft ASR, configure ASR rules, attack surface reduction rules best practice, attack surface reduction intune, ASR rules event viewer, attack surface reduction defender, asr rules powershell, attack surface reduction best practice, disable ASR rules, host intrusion prevention system, protection rules, anti-exploit rules, anti-exploit, exploit rules, infection prevention rules, Microsoft Defender for Endpoint, configure ASR rules search.product: eADQiWindows 10XVcnh ms.mktglfcycl: manage ms.sitesec: library search.appverid: met150 # Test attack surface reduction (ASR) rules -Testing attack surface reduction (ASR) rules helps you determine if rules will impede line-of-business operations prior to enabling any rule. By starting with a small, controlled group, you can limit potential work disruptions as you expand your deployment across your organization. +Testing Microsoft Defender for Endpoint (MDE) attack surface reduction (ASR) rules helps you determine if rules will impede line-of-business operations prior to enabling any rule. By starting with a small, controlled group, you can limit potential work disruptions as you expand your deployment across your organization. -Begin your attack surface reduction(ASR) rules deployment with ring 1. +In this section of the ASR rules deployment guide, you will learn how to: -> [!div class="mx-imgBorder"] -> :::image type="content" source="images/asr-rules-testing-steps.png" alt-text="The ASR rules testing steps" lightbox="images/asr-rules-testing-steps.png"::: +- configure rules using MEM +- use Microsoft Defender for Endpoint ASR rules reports +- configure ASR rules exclusions +- enable ASR rules using PowerShell +- use Event Viewer for ASR rules events ++> [!NOTE] +> Before you begin testing ASR rules, it is recommended that you first disable all rules that you have previously set to either **audit** or **enable** (if applicable). See [Attack surface reduction rules reports](attack-surface-reduction-rules-report.md) for information about using the ASR rules report to disable ASR rules. ++Begin your attack surface reduction (ASR) rules deployment with ring 1. ++> :::image type="content" source="images/asr-rules-testing-steps.png" alt-text="The Microsoft Defender for Endpoint (MDE) attack surface reduction (ASR rules) test steps. Audit ASR rules, configure ASR rules exclusions. Configure ASR rules MEM. ASR rules exclusions. ASR rules event viewer." lightbox="images/asr-rules-testing-steps.png"::: ## Step 1: Test ASR rules using Audit Begin the testing phase by turning on the ASR rules with the rules set to Audit, starting with your champion users or devices in ring 1. Typically, the recommendation is that you enable all the rules (in Audit) so that you can determine which rules are triggered during the testing phase. Note that rules that are set to Audit do not generally impact functionality of the entity or entities to which the rule is applied but do generate logged events for the evaluation; there is no effect on end users. -### Configure ASR Rules using MEM +### Configure ASR rules using MEM You can use Microsoft Endpoint Manager (MEM) Endpoint Security to configure custom ASR rules. Your new attack surface reduction policy for ASR rules is listed in **Endpoint s > [!div class="mx-imgBorder"] > :::image type="content" source="images/asr-mem-my-asr-rules.png" alt-text=" The Attack surface reduction page" lightbox="images/asr-mem-my-asr-rules.png"::: -## Step 2: Understand the Attack surface reduction rules reporting page in the Microsoft 365 Defender portal +## Step 2: Understand the ASR rules reporting page in the Microsoft 365 Defender portal The ASR rules reporting page is found in **Microsoft 365 Defender portal** > **Reports** > **Attack surface reduction rules**. This page has three tabs: The Attack Surface reduction rules pane provides an overview of detected events >[!Note] >There are some variations in ASR rules reports. Microsoft is in the process of updating the behavior of the ASR rules reports to provide a consistent experience. -> [!div class="mx-imgBorder"] -> :::image type="content" source="images/asr-defender365-01b.png" alt-text="The Attack surface reduction rules page" lightbox="images/asr-defender365-01b.png"::: +> :::image type="content" source="images/asr-defender365-01b.png" alt-text="The Attack surface reduction rules page" lightbox="images/asr-defender365-01b.png"::: Click **View detections** to open the **Detections** tab. This tab provides a method to select detected entities (for example, false posit > [!Note] >If you have a Microsoft Defender 365 E5 (or Windows E5?) license, this link will open the Microsoft Defender 365 Reports > Attack surface reductions > [Exclusions](https://security.microsoft.com/asr?viewid=exclusions) tab. +For more information about using the ASR rules report to manage ASR rules, see [Attack surface reduction rules reports](attack-surface-reduction-rules-report.md). + ### Use PowerShell as an alternative method to enable ASR rules You can use PowerShell - as an alternative to MEM - to enable ASR rules in audit mode to view a record of apps that would have been blocked if the feature was fully enabled. You can also get an idea of how often the rules will fire during normal use. |
security | Attack Surface Reduction Rules Deployment | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment.md | Title: Attack surface reduction (ASR) rules deployment overview -description: Provides overview and prerequisite guidance about deploying attack surface reduction (ASR) rules. -keywords: Attack surface reduction rules deployment, ASR deployment, enable asr rules, configure ASR, host intrusion prevention system, protection rules, anti-exploit rules, anti-exploit, exploit rules, infection prevention rules, Microsoft Defender for Endpoint, configure ASR rules + Title: Microsoft Defender for Endpoint (MDE) attack surface reduction (ASR) rules deployment overview +description: Provides overview and prerequisite guidance about deploying Microsoft Defender for Endpoint (MDE) attack surface reduction (ASR) rules. Links to topics that show how to plan and ASR deployment, test ASR rules, configure ASR rules, and enable ASR rules. +keywords: Microsoft Defender for Endpoint (MDE) attack surface reduction rules, ASR rules intune, defender ASR rules, Windows 10 ASR rules, defender asr rules, ASR rules report, microsoft Attack surface reduction rules deployment, ASR rules event viewer, enable asr rules, configure ASR, host intrusion prevention system, protection rules, anti-exploit rules, anti-exploit, exploit rules, infection prevention rules, Microsoft Defender for Endpoint, configure ASR rules search.product: eADQiWindows 10XVcnh ms.mktglfcycl: manage ms.sitesec: library search.appverid: met150 # Attack surface reduction (ASR) rules deployment overview -Attack surfaces are all the places where your organization is vulnerable to cyberthreats and attacks. Your organization's attack surfaces includes all the places where an attacker could compromise your organization's devices or networks. Reducing your attack surface means protecting your organization's devices and network, which leaves attackers with fewer ways to attack. Configuring attack surface reduction (ASR) rules ΓÇö one of many security features found in Microsoft Defender for Endpoint ΓÇö can help. +Attack surfaces are all the places where your organization is vulnerable to cyberthreats and attacks. Reducing your attack surface means protecting your organization's devices and network, which leaves attackers with fewer ways to attack. Configuring Microsoft Defender for Endpoint (MDE) attack surface reduction (ASR) rules can help. ASR rules target certain software behaviors, such as: ASR rules target certain software behaviors, such as: By reducing the different attack surfaces, you can help prevent attacks from happening in the first place. -## Before you begin +This deployment collection provides information about the following aspects of MDE ASR rules: ++- ASR rules requirements +- plan for ASR rules deployment +- test ASR rules +- configure and enable asr rules +- attack surface reduction rules best practices +- ASR rules advanced hunting +- ASR rules event viewer ++## ASR rules deployment steps ++As with any new, wide-scale implementation which could potentially impact your line-of-business operations, it is important to be methodical in your planning and implementation. Because of the powerful capabilities of ASR rules in preventing malware, careful planning and deployment of these rules is necessary to ensure they work best for your unique customer workflows. To work in your environment, you need to plan, test, implement, and operationalize ASR rules carefully. ++> :::image type="content" source="images/asr-rules-deployment-phases.png" alt-text="Plan Microsoft Defender for Endpoint (MDE) attack surface reduction (ASR) rules, test MDE ASR rules, Enable MDE ASR rules, maintain ASR rules." lightbox="images/asr-rules-deployment-phases.png"::: ++>[!Note] +>For Customers who are using a non-Microsoft HIPS and are transitioning to Microsoft Defender for Endpoint attack surface reduction rules: +>Microsoft advises customers to run their HIPS solution side-by-side with their ASR rules deployment until the moment you shift from Audit to Block mode. Keep in mind that you must reach out to your 3rd-party antivirus vendor for exclusion recommendations. ++## Before you begin testing or enabling ASR rules During your initial preparation, it's vital that you understand the capabilities of the systems that you'll put in place. Understanding the capabilities will help you determine which ASR rules are most important for protecting your organization. Additionally, there are several prerequisites which you must attend to in preparation of your ASR deployment. Before you start, review [Overview of attack surface reduction](overview-attack- ASR rules are only one capability of the attack surface reduction capabilities within Microsoft Defender for Endpoint. This document will go into more detail on deploying ASR rules effectively to stop advanced threats like human-operated ransomware and other threats. -### Rules by category +### ASR rules list by category As outlined in [Use attack surface reduction rules to prevent malware infection](attack-surface-reduction.md), there are multiple attack surface reduction rules within MDE that you can enable to protect your organization. Following are the rules broken out by category: As outlined in [Use attack surface reduction rules to prevent malware infection] (<a id="fn1">2</a>) Some ASR rules generate considerable noise, but won't block functionality. For example, if you're updating Chrome; Chrome will access lsass.exe; passwords are stored in lsass on the device. However, Chrome should not be accessing local device lsass.exe. If you enable the rule to block access to lsass, it will generate a lot of events. Those events are good events because the software update process should not access lsass.exe. Enabling this rule will block Chrome updates from accessing lsass, but will not block Chrome from updating; this is also true of other applications that make unnecessary calls to lsass.exe. The _block access to lsass_ rule will block unnecessary calls to lsass, but won't block the application from running. -### Infrastructure requirements +### ASR infrastructure requirements Although multiple methods of implementing ASR rules are possible, this guide is based on an infrastructure consisting of: Microsoft Defender Antivirus must not be in any of the following modes: See: [Cloud-delivered protection and Microsoft Defender Antivirus](cloud-protection-microsoft-defender-antivirus.md). -### Cloud Protection (MAPS) must be enabled +### Cloud Protection (MAPS) must be enabled to enable ASR rules Microsoft Defender Antivirus works seamlessly with Microsoft cloud services. These cloud protection services, also referred to as Microsoft Advanced Protection Service (MAPS), enhances standard real-time protection, arguably providing the best antivirus defense. Cloud protection is critical to preventing breaches from malware and a critical component of ASR rules. [Turn on cloud-delivered protection in Microsoft Defender Antivirus](enable-cloud-protection-microsoft-defender-antivirus.md). -### Microsoft Defender Antivirus components must be current versions +### Microsoft Defender Antivirus components must be current versions for ASR rules The following Microsoft Defender Antivirus component versions must be no more than two versions older than the most-currently-available version: Keeping Microsoft Defender Antivirus versions current helps reduce ASR rules fal Some rules don't work well if un-signed, internally developed application and scripts are in high usage. It is more difficult to deploy ASR rules if code signing is not enforced. -## ASR rules deployment steps --As with any new, wide-scale implementation which could potentially impact your line-of-business operations, it is important to be methodical in your planning and implementation. Because of the powerful capabilities of ASR rules in preventing malware, careful planning and deployment of these rules is necessary to ensure they work best for your unique customer workflows. To work in your environment, you need to plan, test, implement, and operationalize ASR rules carefully. --> [!div class="mx-imgBorder"] -> :::image type="content" source="images/asr-rules-deployment-phases.png" alt-text="The ASR rules deployment phases" lightbox="images/asr-rules-deployment-phases.png"::: -->[!Note] ->For Customers who are using a non-Microsoft HIPS and are transitioning to Microsoft Defender for Endpoint attack surface reduction rules: ->Microsoft advises customers to run their HIPS solution side-by-side with their ASR rules deployment until the moment you shift from Audit to Block mode. Keep in mind that you must reach out to your 3rd-party antivirus vendor for exclusion recommendations. - ## Additional topics in this deployment collection [Test attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-test.md) As with any new, wide-scale implementation which could potentially impact your l [Demystifying attack surface reduction rules - Part 4](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/demystifying-attack-surface-reduction-rules-part-4/ba-p/1384425) -### ASR collection +### ASR rules collection [Overview of attack surface reduction](overview-attack-surface-reduction.md) |
security | Attack Surface Reduction Rules Reference | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference.md | Title: Attack surface reduction rules reference -description: Lists details about attack surface reduction rules on a per-rule basis. -keywords: Attack surface reduction rules, ASR, asr rules, hips, host intrusion prevention system, protection rules, anti-exploit rules, antiexploit, exploit rules, infection prevention rules, Microsoft Defender for Endpoint, configure ASR rules, ASR rule description +description: Lists details about Microsoft Defender for Endpoint (MDE) attack surface reduction (ASR) rules on a per-rule basis. +keywords: Microsoft Attack surface reduction rules, Microsoft Defender for Endpoint ASR rules, ASR rules list, ASR, asr rules, hips, host intrusion prevention system, protection rules, anti-exploit rules, antiexploit, exploit rules, infection prevention rules, Microsoft Defender for Endpoint, configure ASR rules, ASR rule description ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security Last updated 08/10/2022 search.appverid: met150 -# Attack surface reduction rules reference +# Attack surface reduction (ASR) rules reference **Applies to:** search.appverid: met150 - Windows -This article provides information about attack reduction rules: +This article provides information about Microsoft Defender for Endpoint attack surface reduction (ASR) rules: -- [Supported operating system versions](#supported-operating-systems)-- [Supported configuration management systems](#supported-configuration-management-systems)-- [Per-rule alert and notification details](#per-rule-alert-and-notification-details)+- [ASR rules supported operating system versions](#asr-rules-supported-operating-systems) +- [ASR rules supported configuration management systems](#asr-rules-supported-configuration-management-systems) +- [Per ASR rule alert and notification details](#per-asr-rule-alert-and-notification-details) - [ASR rule to GUID matrix](#asr-rule-to-guid-matrix) - [ASR rule modes](#asr-rule-modes) - [Per-rule-descriptions](#per-rule-descriptions) -## Supported operating systems +## ASR rules supported operating systems The following table lists the supported operating systems for rules that are currently released to general availability. The rules are listed alphabetical order in this table. The following table lists the supported operating systems for rules that are cur (<a id="fn1">3</a>) Version and build number apply only to Windows 10. -## Supported configuration management systems +## ASR rules supported configuration management systems Links to information about configuration management system versions referenced in this table are listed below this table. Links to information about configuration management system versions referenced i - [Microsoft Endpoint Manager CB 1710](/configmgr/core/servers/manage/updates) - [System Center Configuration Manager (SCCM) CB 1710](/configmgr/core/servers/manage/updates) <br>_SCCM is now Microsoft Endpoint Configuration Manager._ -## Per rule alert and notification details +## Per ASR rule alert and notification details Toast notifications are generated for all rules in Block mode. Rules in any other mode won't generate toast notifications Advanced hunting action type: - AsrRansomwareBlocked Dependencies: Microsoft Defender Antivirus, Cloud Protection++## See also ++- [Attack surface reduction (ASR) rules deployment overview](attack-surface-reduction-rules-deployment.md) +- [Plan attack surface reduction (ASR) rules deployment](attack-surface-reduction-rules-deployment-plan.md) +- [Test attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-test.md) +- [Enable attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-implement.md) +- [Operationalize attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-operationalize.md) +- [Attack surface reduction \(ASR\) rules report](attack-surface-reduction-rules-report.md) +- [Attack surface reduction rules reference](attack-surface-reduction-rules-reference.md) |
security | Attack Surface Reduction Rules Report | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-report.md | The Add exclusion page has two buttons for actions that can be used on any detec ## See also -- [Enable attack surface reduction rules](attack-surface-reduction-rules-deployment-implement.md)+- [Attack surface reduction (ASR) rules deployment overview](attack-surface-reduction-rules-deployment.md) +- [Plan attack surface reduction (ASR) rules deployment](attack-surface-reduction-rules-deployment-plan.md) +- [Test attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-test.md) +- [Enable attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-implement.md) +- [Operationalize attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-operationalize.md) +- [Attack surface reduction \(ASR\) rules report](attack-surface-reduction-rules-report.md) - [Attack surface reduction rules reference](attack-surface-reduction-rules-reference.md) |
security | Attack Surface Reduction | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction.md | Attack surface reduction rules target certain software behaviors, such as: Such software behaviors are sometimes seen in legitimate applications. However, these behaviors are often considered risky because they are commonly abused by attackers through malware. Attack surface reduction rules can constrain software-based risky behaviors and help keep your organization safe. -For more information about configuring attack surface reduction rules, see [Enable attack surface reduction rules](enable-attack-surface-reduction.md). +For a sequential, end-to-end process of how to manage ASR rules, see: ++- [Attack surface reduction (ASR) rules deployment overview](attack-surface-reduction-rules-deployment.md) +- [Plan attack surface reduction (ASR) rules deployment](attack-surface-reduction-rules-deployment-plan.md) +- [Test attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-test.md) +- [Enable attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-implement.md) +- [Operationalize attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-operationalize.md) ## Assess rule impact before deployment Also, when certain attack surface reduction rules are triggered, alerts are gene Notifications and any alerts that are generated can be viewed in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a>. -For specific details about notification and alert functionality, see: [Per rule alert and notification details](attack-surface-reduction-rules-reference.md#per-rule-alert-and-notification-details), in the article **Attack surface reduction rules reference**. +For specific details about notification and alert functionality, see: [Per rule alert and notification details](attack-surface-reduction-rules-reference.md#per-asr-rule-alert-and-notification-details), in the article **Attack surface reduction rules reference**. ## Advanced hunting and attack surface reduction events You can create a custom view that filters events to only show the following even The "engine version" listed for attack surface reduction events in the event log, is generated by Defender for Endpoint, not by the operating system. Defender for Endpoint is integrated with Windows 10 and Windows 11, so this feature works on all devices with Windows 10 or Windows 11 installed. +## See also ++- [Attack surface reduction (ASR) rules deployment overview](attack-surface-reduction-rules-deployment.md) +- [Plan attack surface reduction (ASR) rules deployment](attack-surface-reduction-rules-deployment-plan.md) +- [Test attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-test.md) +- [Enable attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-implement.md) +- [Operationalize attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-operationalize.md) +- [Attack surface reduction \(ASR\) rules report](attack-surface-reduction-rules-report.md) + > [!TIP] > If you're looking for Antivirus related information for other platforms, see:+> > - [Set preferences for Microsoft Defender for Endpoint on macOS](mac-preferences.md) > - [Microsoft Defender for Endpoint on Mac](microsoft-defender-endpoint-mac.md) > - [macOS Antivirus policy settings for Microsoft Defender Antivirus for Intune](/mem/intune/protect/antivirus-microsoft-defender-settings-macos) |
security | Batch Update Alerts | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/batch-update-alerts.md | Property | Type | Description alertIds | List<String>| A list of the IDs of the alerts to be updated. **Required** status | String | Specifies the updated status of the specified alerts. The property values are: 'New', 'InProgress' and 'Resolved'. assignedTo | String | Owner of the specified alerts-classification | String | Specifies the specification of the specified alerts. The property values are: 'True positive', 'Informational, expected activity' and 'False positive'. -determination | String | Specifies the determination of the specified alerts. The property values are: 'NotAvailable', 'Apt', 'Malware', 'SecurityPersonnel', 'SecurityTesting', 'UnwantedSoftware', 'Other' +classification | String | Specifies the specification of the specified alerts. The property values are: `TruePositive`, `Informational, expected activity`, and `FalsePositive`. +determination | String | Specifies the determination of the specified alerts. <p>Possible determination values for each classification are: <br><li> <b>True positive</b>: `Multistage attack` (MultiStagedAttack), `Malicious user activity` (MaliciousUserActivity), `Compromised account` (CompromisedUser) ΓÇô consider changing the enum name in public api accordingly, `Malware` (Malware), `Phishing` (Phishing), `Unwanted software` (UnwantedSoftware), and `Other` (Other). <li> <b>Informational, expected activity:</b> `Security test` (SecurityTesting), `Line-of-business application` (LineOfBusinessApplication), `Confirmed activity` (ConfirmedUserActivity) - consider changing the enum name in public api accordingly, and `Other` (Other). <li> <b>False positive:</b> `Not malicious` (Clean) - consider changing the enum name in public api accordingly, `Not enough data to validate` (InsufficientData), and `Other` (Other). comment | String | Comment to be added to the specified alerts. >[!NOTE]->Around August 29th, 2022, previously supported alert determination values ('Apt' and 'SecurityPersonnel') will be deprecated and no longer available via the API. +>Around August 29, 2022, previously supported alert determination values ('Apt' and 'SecurityPersonnel') will be deprecated and no longer available via the API. ## Response |
security | Built In Protection | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/built-in-protection.md | f1.keywords: NOCSH > **You don't have to wait for built-in protection to come to you**! You can protect your organization's devices now by configuring these capabilities: > - [Enable cloud protection](why-cloud-protection-should-be-on-mdav.md) > - [Turn tamper protection on](prevent-changes-to-security-settings-with-tamper-protection.md)-> - [Set attack surface reduction rules to block mode](attack-surface-reduction-rules-deployment.md) +> - [Set basic attack surface reduction rules to block mode](attack-surface-reduction-rules-deployment.md) > - [Enable network protection in block mode](enable-network-protection.md) ## What is built-in protection, and how does it work? |
security | Configure Server Endpoints | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-server-endpoints.md | You'll need to complete the following general steps to successfully onboard serv :::image type="content" source="images/server-onboarding-tools-methods.png" alt-text="An illustration of onboarding flow for Windows Servers and Windows 10 devices" lightbox="images/server-onboarding-tools-methods.png"::: ++>[!NOTE] +>Windows Server Hyper-V is not supported. ++ ## Integration with Microsoft Defender for Servers Microsoft Defender for Endpoint integrates seamlessly with Microsoft Defender for Servers. You can onboard servers automatically, have servers monitored by Microsoft Defender for Cloud appear in Defender for Endpoint, and conduct detailed investigations as a Microsoft Defender for Cloud customer. Alternatively, use the instructions provided at [Workaround for a known issue wi - Operating system upgrades aren't supported. Offboard then uninstall before upgrading. - Automatic exclusions for **server roles** aren't supported on Windows Server 2012 R2; however, built-in exclusions for operating system files are. For more information about adding exclusions, see [Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows](https://support.microsoft.com/topic/virus-scanning-recommendations-for-enterprise-computers-that-are-running-currently-supported-versions-of-windows-kb822158-c067a732-f24a-9079-d240-3733e39b40bc). - On machines that have been upgraded from the previous, MMA-based solution and the EDR sensor is a (preview) version older than 10.8047.22439.1056, uninstalling and reverting back to the MMA-based solution may lead to crashes. If you are on such a preview version, update using KB5005292.-- To deploy and onboard the new solution using Microsoft Endpoint Manager, this process currently requires creating a package. For more information on how to deploy programs and scripts in Configuration Manager, see [Packages and programs in Configuration Manager](/configmgr/apps/deploy-use/packages-and-programs). MECM 2107 with the hotfix rollup or later is required to support policy configuration management using the Endpoint Protection node.+- To deploy and onboard the new solution using Microsoft Endpoint Manager, this process currently requires creating a package. For more information on how to deploy programs and scripts in Configuration Manager, see [Packages and programs in Configuration Manager](/configmgr/apps/deploy-use/packages-and-programs). MECM 2107 with the hotfix rollup or later is required to support policy configuration management using the Endpoint Protection node. Migrating servers from Microsoft Monitoring Agent to the unified solution requires Microsoft Endpoint Configuration Manager older than 2207. For more information, see [Migrating servers from Microsoft Monitoring Agent to the unified solution](application-deployment-via-mecm.md). ## Workaround for a known issue with TelemetryProxyServer on disconnected machines |
security | Gov | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/gov.md | ms.pagetype: security ms.localizationpriority: medium Last updated : 09/19/2022 audience: ITPro These are the known gaps: |Feature name|GCC|GCC High|DoD| ||::|::|::|-|Reports: Device health|![No](images/svg/check-no.svg) In development|![No](images/svg/check-no.svg) In development|![No](images/svg/check-no.svg) In development| +|Reports: Device health|![Yes](images/svg/check-yes.svg) <sup>1</sup>|![No](images/svg/check-no.svg) In development|![No](images/svg/check-no.svg) In development| |Reports: Web content filtering|![Yes](images/svg/check-yes.svg)|![No](images/svg/check-no.svg) In development|![No](images/svg/check-no.svg) In development| |Microsoft Secure Score|![Yes](images/svg/check-yes.svg) <sup>1</sup>|![No](images/svg/check-no.svg)|![No](images/svg/check-no.svg)| |Microsoft Threat Experts|![No](images/svg/check-no.svg)|![No](images/svg/check-no.svg)|![No](images/svg/check-no.svg)| |
security | Linux Whatsnew | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/linux-whatsnew.md | This article is updated frequently to let you know what's new in the latest rele - Fixes a kernel hang observed on select customer workloads running mdatp version 101.75.43. After RCA this was attributed to a race condition while releasing the ownership of a sensor file descriptor. The race condition was exposed due to a recent product change in the shutdown path. Customers on newer Kernel versions (5.1+) are not impacted by this issue. -- When upgrading from mdatp version 101.75.43, run the following commands before attempting to upgrade to version 101.80.97+- When upgrading from mdatp version 101.75.43 or 101.78.13, run the following commands before attempting to upgrade to version 101.80.97 ``` sudo mdatp config real-time-protection --value=disabled sudo systemctl disable mdatp <br/><br/> </details> +<details> + <summary>Aug-2022 (Build: 101.78.13, | Release version: 30.122072.17813.0)</summary> ++  Released: **August 24, 2022**<br/> +  Published: **August 24, 2022**<br/> +  Build: **101.78.13**<br/> +  Release version: **30.122072.17813.0**<br/> +  Engine version: **1.1.19300.3**<br/> +  Signature version: **1.369.395.0**<br/> ++ **What's new** ++ - Rolled back due to reliability issues ++ </br> ++ <br/><br/> + </details> + <details> <summary>Aug-2022 (Build: 101.75.43 | Release version: 30.122071.17543.0)</summary> |
security | Overview Attack Surface Reduction | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/overview-attack-surface-reduction.md | You can enable audit mode using Group Policy, PowerShell, and configuration serv | Audit options | How to enable audit mode | How to view events | |||| | Audit applies to all events | [Enable controlled folder access](enable-controlled-folders.md) | [Controlled folder access events](evaluate-controlled-folder-access.md#review-controlled-folder-access-events-in-windows-event-viewer) |-| Audit applies to individual rules | [Step 1: Test ASR rules using Audit mode](attack-surface-reduction-rules-deployment-test.md#step-1-test-asr-rules-using-audit) | [Step 2: Understand the Attack surface reduction rules reporting page](attack-surface-reduction-rules-deployment-test.md#step-2-understand-the-attack-surface-reduction-rules-reporting-page-in-the-microsoft-365-defender-portal) | +| Audit applies to individual rules | [Step 1: Test ASR rules using Audit mode](attack-surface-reduction-rules-deployment-test.md#step-1-test-asr-rules-using-audit) | [Step 2: Understand the Attack surface reduction rules reporting page](attack-surface-reduction-rules-deployment-test.md#step-2-understand-the-asr-rules-reporting-page-in-the-microsoft-365-defender-portal) | | Audit applies to all events | [Enable network protection](enable-network-protection.md) | [Network protection events](evaluate-network-protection.md#review-network-protection-events-in-windows-event-viewer) | | Audit applies to individual mitigations | [Enable exploit protection](enable-exploit-protection.md) | [Exploit protection events](exploit-protection.md#review-exploit-protection-events-in-windows-event-viewer) | |
security | Update Alert | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/update-alert.md | Existing properties that aren't included in the request body will maintain their For best performance, you shouldn't include existing values that haven't change. -Property|Type|Description +Property|Type|Description| :|:|:-Status|String|Specifies the current status of the alert. The property values are: 'New', 'InProgress' and 'Resolved'. -assignedTo|String|Owner of the alert -Classification|String|Specifies the specification of the alert. The property values are: 'Unknown', 'FalsePositive', 'TruePositive'. -Determination|String|Specifies the determination of the alert. The property values are: 'NotAvailable', 'Apt', 'Malware', 'SecurityPersonnel', 'SecurityTesting', 'UnwantedSoftware', 'Other' -Comment|String|Comment to be added to the alert. +Status|String|Specifies the current status of the alert. The property values are: 'New', 'InProgress' and 'Resolved'.| +assignedTo|String|Owner of the alert| +Classification|String|Specifies the specification of the alert. The property values are: `TruePositive`, `Informational, expected activity`, and `FalsePositive`.| +Determination|String|Specifies the determination of the alert. <p>Possible determination values for each classification are: <br><li> <b>True positive</b>: `Multistage attack` (MultiStagedAttack), `Malicious user activity` (MaliciousUserActivity), `Compromised account` (CompromisedUser) ΓÇô consider changing the enum name in public api accordingly, `Malware` (Malware), `Phishing` (Phishing), `Unwanted software` (UnwantedSoftware), and `Other` (Other). <li> <b>Informational, expected activity:</b> `Security test` (SecurityTesting), `Line-of-business application` (LineOfBusinessApplication), `Confirmed activity` (ConfirmedUserActivity) - consider changing the enum name in public api accordingly, and `Other` (Other). <li> <b>False positive:</b> `Not malicious` (Clean) - consider changing the enum name in public api accordingly, `Not enough data to validate` (InsufficientData), and `Other` (Other).| +Comment|String|Comment to be added to the alert.| >[!NOTE]->Around August 29th, 2022, previously supported alert determination values ('Apt' and 'SecurityPersonnel') will be deprecated and no longer available via the API. +>Around August 29, 2022, previously supported alert determination values ('Apt' and 'SecurityPersonnel') will be deprecated and no longer available via the API. ## Response |
security | Api Incident | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-incident.md | lastUpdateTime | DateTimeOffset | The date and time (in UTC) the Incident was la assignedTo | string | Owner of the Incident. severity | Enum | Severity of the Incident. Possible values are: ```UnSpecified```, ```Informational```, ```Low```, ```Medium```, and ```High```. status | Enum | Specifies the current status of the incident. Possible values are: ```Active```, ```InProgress```, ```Resolved```, and ```Redirected```.-classification | Enum | Specification of the incident. Possible values are: ```Unknown```, ```FalsePositive```, ```TruePositive```. -determination | Enum | Specifies the determination of the incident. Possible values are: ```NotAvailable```, ```Apt```, ```Malware```, ```SecurityPersonnel```, ```SecurityTesting```, ```UnwantedSoftware```, ```Other```. -tags | string List | List of Incident tags. +classification | Enum | Specification of the incident. Possible values are: `TruePositive`, `Informational, expected activity`, and `FalsePositive`. +determination | Enum | Specifies the determination of the incident. <p>Possible determination values for each classification are: <br><li> <b>True positive</b>: `Multistage attack` (MultiStagedAttack), `Malicious user activity` (MaliciousUserActivity), `Compromised account` (CompromisedUser) ΓÇô consider changing the enum name in public api accordingly, `Malware` (Malware), `Phishing` (Phishing), `Unwanted software` (UnwantedSoftware), and `Other` (Other). <li> <b>Informational, expected activity:</b> `Security test` (SecurityTesting), `Line-of-business application` (LineOfBusinessApplication), `Confirmed activity` (ConfirmedUserActivity) - consider changing the enum name in public api accordingly, and `Other` (Other). <li> <b>False positive:</b> `Not malicious` (Clean) - consider changing the enum name in public api accordingly, `Not enough data to validate` (InsufficientData), and `Other` (Other). +tags | string list | List of Incident tags. comments | List of incident comments | Incident Comment object contains: comment string, createdBy string, and createTime date time.-alerts | Alert List | List of related alerts. See examples at [List incidents](api-list-incidents.md) API documentation. +alerts | alert list | List of related alerts. See examples at [List incidents](api-list-incidents.md) API documentation. >[!NOTE]->Around August 29th, 2022, previously supported alert determination values ('Apt' and 'SecurityPersonnel') will be deprecated and no longer available via the API. +>Around August 29, 2022, previously supported alert determination values ('Apt' and 'SecurityPersonnel') will be deprecated and no longer available via the API. ## Related articles |
security | Api Update Incidents | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-update-incidents.md | Property|Type|Description || status|Enum|Specifies the current status of the incident. Possible values are: `Active`, `Resolved`, and `Redirected`. assignedTo|string|Owner of the incident.-classification|Enum|Specification of the incident. Possible values are: `Unknown`, `FalsePositive`, `TruePositive`. -determination|Enum|Specifies the determination of the incident. Possible values are: `NotAvailable`, `Apt`, `Malware`, `SecurityPersonnel`, `SecurityTesting`, `UnwantedSoftware`, `Other`. -tags|string List|List of Incident tags. +classification|Enum|Specification of the incident. Possible values are: `TruePositive`, `Informational, expected activity`, and `FalsePositive`. +determination|Enum|Specifies the determination of the incident. <p>Possible determination values for each classification are: <br><li> <b>True positive</b>: `Multistage attack` (MultiStagedAttack), `Malicious user activity` (MaliciousUserActivity), `Compromised account` (CompromisedUser) ΓÇô consider changing the enum name in public api accordingly, `Malware` (Malware), `Phishing` (Phishing), `Unwanted software` (UnwantedSoftware), and `Other` (Other). <li> <b>Informational, expected activity:</b> `Security test` (SecurityTesting), `Line-of-business application` (LineOfBusinessApplication), `Confirmed activity` (ConfirmedUserActivity) - consider changing the enum name in public api accordingly, and `Other` (Other). <li> <b>False positive:</b> `Not malicious` (Clean) - consider changing the enum name in public api accordingly, `Not enough data to validate` (InsufficientData), and `Other` (Other). +tags|string list|List of Incident tags. comment|string|Comment to be added to the incident. >[!NOTE]->Around August 29th, 2022, previously supported alert determination values ('Apt' and 'SecurityPersonnel') will be deprecated and no longer available via the API. +>Around August 29, 2022, previously supported alert determination values ('Apt' and 'SecurityPersonnel') will be deprecated and no longer available via the API. ## Response |
security | Allow Block Email Spoof | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/allow-block-email-spoof.md | Only messages from that domain *and* sending infrastructure pair are allowed to In organizations with Microsoft Defender for Office 365, you can't create allow entries in the Tenant/Allow/Block List for messages that were detected as impersonation by [domain or sender impersonation protection](set-up-anti-phishing-policies.md#impersonation-settings-in-anti-phishing-policies-in-microsoft-defender-for-office-365). -Reporting a message that was incorrectly blocked as impersonation in the Submissions portal at <https://security.microsoft.com/reportsubmission> does not add the sender or domain as an allow entry in the Tenant Allow/Block List. +Reporting a message that was incorrectly blocked as impersonation in the Submissions portal at <https://security.microsoft.com/reportsubmission> does not add the sender or domain as an allow entry in the Tenant Allow/Block List. Instead, the domain or sender is added to the **Trusted senders and domains section** in the [anti-phishing policy](configure-mdo-anti-phishing-policies.md#use-the-microsoft-365-defender-portal-to-modify-anti-phishing-policies) that detected the message. |
security | Attack Simulation Training Insights | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-insights.md | The **Behavior impact on compromise rate** card on the **Overview** tab shows ho The chart data itself shows the following information: -- **Predicted compromise rate**<sup>\*</sup>: The average compromise rate for Attack simulation training simulations that use the same type of payload across all other Microsoft 365 organizations.-- **Actual compromise rate**<sup>\*</sup>: The actual percentage of users that fell for the simulation.+- **Predicted compromise rate**: Historical data across Microsoft 365 that predicts the percentage of people who will be compromised by this simulation (users compromised / total number of users who receive the simulation). +- **Actual compromise rate**: The actual percentage of people who were compromised by the simulation (actual users compromised / total number of users in your organization who received the simulation). If you hover over a data point in the chart, the actual percentage values are shown. |
security | Attack Simulation Training Simulation Automations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations.md | If you select **Manually select**, you need to select one or more payloads from - **Technique**: You need to select at least one payload per technique that you selected on the previous page. - **Language**: The available values are: **English**, **Spanish**, **German**, **Japanese**, **French**, **Portuguese**, **Dutch**, **Italian**, **Swedish**, **Chinese (Simplified)**, **Norwegian Bokmål**, **Polish**, **Russian**, **Finnish**, **Korean**, **Turkish**, **Hungarian**, **Hebrew**, **Thai**, **Arabic**, **Vietnamese**, **Slovak**, **Greek**, **Indonesian**, **Romanian**, **Slovenian**, **Croatian**, **Catalan**, or **Other**. - **Click rate**: How many people have clicked on this payload.-- **Predicted compromise rate**: Historical data for the payload across Microsoft 365 that predicts the percentage of people who will get compromised by this payload.+- **Predicted compromise rate**: Historical data across Microsoft 365 that predicts the percentage of people who will be compromised by this payload (users compromised / total number of users who receive the payload). - **Simulations launched** counts the number of times this payload was used in other simulations. In the ![Search icon.](../../media/m365-cc-sc-search-icon.png) **Search** box, you can type part of the payload name and press Enter to filter the results. |
security | Attack Simulation Training | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training.md | The following details are shown for each payload: - **Payload name** - **Language**: The language of the payload content. Microsoft's payload catalog (global) provides payloads in 10+ languages which can also be filtered. - **Click rate**: How many people have clicked on this payload.-- **Predicted compromise rate**: Historical data for the payload across Microsoft 365 that predicts the percentage of people who will get compromised by this payload.+- **Predicted compromise rate**: Historical data across Microsoft 365 that predicts the percentage of people who will be compromised by this payload (users compromised / total number of users who receive the payload). - **Simulations launched** counts the number of times this payload was used in other simulations. In the ![Search icon.](../../media/m365-cc-sc-search-icon.png) **Search** box, you can type part of the payload name and press Enter to filter the results. |
security | Configure Mdo Anti Phishing Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/configure-mdo-anti-phishing-policies.md | Creating a custom anti-phishing policy in the Microsoft 365 Defender portal crea After you select at least one entry, the ![Delete domains icon.](../../media/m365-cc-sc-delete-icon.png) **Delete** icon appears, which you can use to remove the selected entries. - - **Add trusted senders and domains**: : Specify impersonation protection exceptions for the policy by clicking on **Manage (nn) trusted sender(s) and domain(s)**. In the **Manage custom domains for impersonation protection** flyout that appears, configure the following settings: + - **Add trusted senders and domains**: Specify impersonation protection exceptions for the policy by clicking on **Manage (nn) trusted sender(s) and domain(s)**. In the **Manage custom domains for impersonation protection** flyout that appears, configure the following settings: - **Senders**: Verify the **Sender** tab is selected and click ![Add senders icon.](../../media/m365-cc-sc-create-icon.png). In the **Add trusted senders** flyout that appears, enter an email address in the box and then click **Add**. Repeat this step as many times as necessary. To remove an existing entry, click ![Delete icon](../../media/m365-cc-sc-close-icon.png) for the entry. When you're finished, click **Add**. Creating a custom anti-phishing policy in the Microsoft 365 Defender portal crea When you're finished, click **Add**. > [!NOTE]- > If Microsoft 365 system messages from the following senders are identified as impersonation attempts, you can add the senders to the trusted senders list: >- > - `Γüánoreply@email.teams.microsoft.com` - > - `noreply@emeaemail.teams.microsoft.com` - > - `no-reply@sharepointonline.com` + > - If Microsoft 365 system messages from the following senders are identified as impersonation attempts, you can add the senders to the trusted senders list: + > - `Γüánoreply@email.teams.microsoft.com` + > - `noreply@emeaemail.teams.microsoft.com` + > - `no-reply@sharepointonline.com` + > + > - Trusted domain entries don't include subdomains of the specified domain. You need to add an entry for each subdomain. Back on the **Manage custom domains for impersonation** flyout, you can remove entries from the **Sender** and **Domain** tabs by selecting one or more entries from the list. You can search for entries using the ![Search icon.](../../media/m365-cc-sc-create-icon.png) **Search** box. |
security | Manage Tenant Allow Block List | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/manage-tenant-allow-block-list.md | Use the Submissions portal (also known as *admin submission*) at <https://securi - **Domains and email addresses**: - Email messages from these senders are marked as *high confidence spam* (SCL = 9). What happens to the messages is determined by the [anti-spam policy](configure-your-spam-filter-policies.md) that detected the message for the recipient. In the default anti-spam policy and new custom policies, messages that are marked as high confidence spam are delivered to the Junk Email folder by default. In Standard and Strict [preset security policies](preset-security-policies.md), high confidence spam messages are quarantined.- - Users in the organization can't send email to these blocked domains and addresses. They'll receive the following non-delivery report (also known as an NDR or bounce message): `5.7.1 Your message can't be delivered because one or more recipients are blocked by your organization's tenant allow/block list policy.` + - Users in the organization can't send email to these blocked domains and addresses. They'll receive the following non-delivery report (also known as an NDR or bounce message): `5.7.1 Your message can't be delivered because one or more recipients are blocked by your organization's tenant allow/block list policy.` The entire message is blocked to all recipients if email is sent to any of the entries in the list. - **Files**: Email messages that contain these blocked files are blocked as *malware*. |
security | Microsoft 365 Continuous Access Evaluation | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/microsoft-365-continuous-access-evaluation.md | The following Microsoft 365 services currently support continuous access evaluat ||||| |**Critical events:**|||| |User revocation|Supported|Supported|Supported|-|User risk|Supported|Not supported|Not supported| +|User risk|Supported|Not supported|Supported| |**Conditional Access policy evaluation:**||||-|IP address location policy|Supported|Supported\*|Supported| +|IP address location policy|Supported|Supported\*|Supported\**| \* SharePoint Office web browser access supports instant IP policy enforcement by enabling strict mode. Without strict mode, access token lifetime is one hour. +\** Calls, meetings, and chat in Teams do not conform to IP-based Conditional Access policies yet. + For more information about how to set up a Conditional Access policy, see [this article](/azure/active-directory/conditional-access/overview). ## Microsoft 365 clients supporting continuous access evaluation |
security | Set Up Anti Phishing Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/set-up-anti-phishing-policies.md | The following impersonation settings are only available in anti-phishing policie - **Add trusted senders and domains**: Exceptions to the impersonation protection settings. Messages from the specified senders and sender domains are never classified as impersonation-based attacks by the policy. In other words, the action for protected senders, protected domains, or mailbox intelligence protection aren't applied to these trusted senders or sender domains. The maximum limit for these lists is 1024 entries. > [!NOTE]- > If Microsoft 365 system messages from the following senders are identified as impersonation attempts, you can add the senders to the trusted senders list: >- > - `Γüánoreply@email.teams.microsoft.com` - > - `noreply@emeaemail.teams.microsoft.com` - > - `no-reply@sharepointonline.com` + > - If Microsoft 365 system messages from the following senders are identified as impersonation attempts, you can add the senders to the trusted senders list: + > - `Γüánoreply@email.teams.microsoft.com` + > - `noreply@emeaemail.teams.microsoft.com` + > - `no-reply@sharepointonline.com` + > + > - Trusted domain entries don't include subdomains of the specified domain. You need to add an entry for each subdomain. ### Advanced phishing thresholds in anti-phishing policies in Microsoft Defender for Office 365 |
security | Whats New In Defender For Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/whats-new-in-defender-for-office-365.md | f1.keywords: NOCSH ms.localizationpriority: medium Previously updated : 08/30/2022 Last updated : 09/20/2022 audience: ITPro For more information on what's new with other Microsoft Defender security produc - This change impacts all users who log in to the Office 365 Security and Compliance portal (protection.office.com), including security teams and end-users who access the Email Quarantine experience, at the **Microsoft Defender Portal** > **Review** > **Quarantine**. - Redirection is enabled by default and impacts all users of the Tenant. - Global Administrators and Security Administrators can turn on or off redirection in the Microsoft 365 Defender portal by navigating to **Settings** > **Email & collaboration** > **Portal redirection** and switch the redirection toggle.+- **Built-in protection**: A profile that enables a base level of Safe Links and Safe Attachments protection that's on by default for all Defender for Office 365 customers. To learn more about this new policy and order of precedence, see [Preset security policies](preset-security-policies.md) and to learn about the specific Safe Links and Safe Attachment controls set, see [Safe Attachments settings](recommended-settings-for-eop-and-office365.md#safe-attachments-settings) and [Safe Links settings](recommended-settings-for-eop-and-office365.md#safe-links-settings). ## July 2022 For more information on what's new with other Microsoft Defender security produc - [Simplifying the quarantine experience (part two) in Microsoft 365 Defender for office 365](https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/simplifying-the-quarantine-experience-part-two/ba-p/3354687): Highlights additional features to make the quarantine experience even easier to use. +- [Introducing differentiated protection for priority accounts in Microsoft Defender for Office 365](https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/introducing-differentiated-protection-for-priority-accounts-in/ba-p/3283838): Introducing GCC, GCC-H, and DoD availability of differentiated protection for priority accounts. + ## April 2022 - [Introducing the URLClickEvents table in Microsoft 365 Defender Advanced Hunting](https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/introducing-the-urlclickevents-table-in-advanced-hunting-with/ba-p/3295096): Introducing the UrlClickEvents table in advanced hunting with Microsoft Defender for Office 365. |