I have scripted out the entire eDiscovery process in E3 eDiscovery which allowed us to save time and money, and repeat searches with minor variations very easily. With Advanced eDiscovery, I am unable to do so. Please add powershell scripting support (or provide the documentation) so we can streamline our collection and export processes.219 votes
Employee's send out emails with no subjects all the time, however I am unable to add a null/blank subject as a condition in content search.
I am also unable to content search or filter based off of message ID.
There is also no time option, only date, as a search condition.
This makes content searching for an email with no subject a huge pain.
Please add the ability to create content searches based off of blank/null subjects, sent time between X and Y, and based off of message ID in the mail headers as an option.210 votes
Tell us more null subjects and MessageID scenario. You are currently able to query the time.
Operations from sc center that Copy eDiscovery search results to a discovery mailbox would be very useful.
This operation is available only in Exchange Management Center.
but we want to implement this operation in SC center too. Please consider this function.180 votes
We now offer more simplified way to review content in Advanced eDiscovery. Please review documentation here:
Review sets in Advanced eDiscovery (v2.0)
Note that the In-Place eDiscovery and Holds cmdlets in the EAC are now retired:
We recommend considering the new review tool in Advanced eDiscovery.
Sensitive data searches for ediscovery currently work only in Sharepoint and One Drive. It also works for DLP in Exchange. This lack severely limits the usefulness of eDiscovery in Security and Compliance for Office 365.135 votes
Use compliance tag as a condition after labeling content, and we are working on sensitive data search in the UI.
Currently users with the ediscovery role can run search for content and download that content. Using the New-ComplianceSearchAction -purge -softdelete you can delete this content (which we use for deleting spam or malware emails out of mailboxes). We do not want our security operations team to use powershell to complete these deletes so we have to write a gui to provide this functionality. Please enable the ability to complete deletes within the SCC itself132 votes
Check out the Data Investigations capability in preview now.
I have a requirement from a large customer (85K users) that needs to be able to perform eDiscovery collections for specific Outlook folders. We can do date range and Full Mbx collections, but not specific folders. This was possible on-premises, but not in Exchange Online ????104 votes
Cmdlets available for specific folder collections (https://docs.microsoft.com/en-us/microsoft-365/compliance/use-content-search-for-targeted-collections?view=o365-worldwide) and UI version is on the backlog.
Currently, the limit to the number of locations that can be added for a single custodian to an Advanced eDiscovery case is 42, per MS Support. Creating cases is already very cumbersome and having to create more than 1 case because a custodian has more than 42 locations in all of Office 365 is an unreasonable ask. Please remove this limit, or at least allow a much higher number of locations to be added per custodian.85 votes
Add ability for compliance searches to search hyperlink URL and display text while supporting the existing wildcard structure available to other attributes like subject and body.
The new functionality could either be in a new attribute, or joined into the body attribute since the links would be in the body of the email.75 votes
The redaction on the document gets a Code (i.e. where AeD masks with the word “REDACTED”, code would be stamped instead) A given document can have multiple redaction reasons, so each reason has its own code, i.e. multiple redaction labels on the document. Additionally, a log must also accompany the disclosure stating which documents are redacted and the code/reason for the redaction.75 votes
A keyword limit of 20 terms has recently been instituted in the Compliance Center eDiscovery searches. This limit is far too low and should be returned to an unlimited number of keywords (or at least a much higher limit like 100 keywords). This is negatively impacting the ability to do more complex searches in the Compliance Center.70 votes
This has improved, and will continue to improve over time.
currently any files protected with AIP encryption are unsearchable for eDiscovery. Please make these files able to be indexed and therefore searchable for ediscovery purposes.69 votes
Currently, to export a mailbox as a PST file, you need to use a windows machine and use IE/Edge browser. You need to build out support for OSX and other browsers so businesses can use whatever hardware/software they use instead of only the one option.67 votes
If you have 150 to do its quite cumbersome to do it from the web console63 votes
Currently when we run an e-Discovery search through Compliance Management, it also shows emails that are in a user's Drafts folder. Since the emails were never sent to a recipient, we would like a feature that allows us to exclude emails in the Drafts folder that were never sent to a recipient.
Provide a mechanism to programmatically download the eDiscovery exports in Azure back to on-premise. Powershell cmdlets or command line parameters to existing eDiscovery download tool would suffice.58 votes
This is coming to Advanced eDiscovery soon.
OME and AIP Encrypted documents stored in O365 data sources should be decrypted at export with Microsoft eDiscovery for compliance purposes55 votes
Currently, performing a content search of OneDrives across a multi-geo environment isn't possible, it only searches the default Geo, not satellite Geos. If you create a security compliance filter targeted at your satellite geo and put the eDiscovery person in the role, then they can search that satellite geo. Please update oneDrive content search to search across geos the same way that an Exchange mailbox search works, without requiring adding/removing them from security compliance filters. (This workaround was the result of working with Microsoft Premier support, so it's legit.)53 votes
This is available in Advanced eDiscovery today.
Allow for the deletion of a review set in Advanced eDiscovery. For instance if a search is created and added to a review set, but then the scope of the search has to change. I should be able to delete the now obsolete review set before creating a new one.46 votes
eDiscovery export tool should be supported under other browser (not only IE), it should be more user friendly.36 votes
Ediscovery member permissions so users could edit the search query on the case but could not add another mailbox for search.
Ediscovery is a very powerful and useful solution that is available for everyone. It can hold mailboxes of leavers and this way we can preserve the licenses, however a big problem arises when someone needs access to a leavers mailbox. After giving user permission to preview you have to add him to a security group "compliance search" which gives the user access to add any mailbox "active or inactive", it is a big security implication so the service is useless for the end user and therefore we would have to process every single request when they need to access the email history.
My idea is to create a separate group that would allow to access the case for the members that are added in to the case membership group so they could edit ONLY the search query themselves and download any emails that are required.
How I plan to use this
Now then on "Ediscovery" menu
I was thinking to create "Name Surname" that references of user who will be using the service, then we he/she has the relevant permission to access the service they open the menu and all they can see is the "searches" option which will have mailboxes assigned as per required mailbox search source which they will not able to point to anything else but that 1 source mailbox. After the user goes to search function he will be able to only alter the search query as per the users needs.
That would not only make Ediscovery better, that will also make everyone rely more on Office365 services and move out from third party services for archiving. Whats the point to use cloud when you have to keep PST`s archived onprem and pay for all the tin.
I think ediscovery would be a perfect tool if we would have these functions.
Justin Miskinis - GTR IT
Ediscovery is a very powerful and useful solution that is available for everyone. It can hold mailboxes of leavers and this way we can preserve the licenses, however a big problem arises when someone needs access to a leavers mailbox. After giving user permission to preview you have to add him to a security group "compliance search" which gives the user access to add any mailbox "active or inactive", it is a big security implication so the service is useless for the end user and therefore we would have to process every single request when they need to access the…29 votes
- Don't see your idea?