eDiscovery logs are part of DLP logs in Office 365 Management API?
On Office 365 management API documentation eDiscovery Schema is listed underDLP Schema but I cannot see eDiscovery audit logs if I fetch the DLP API. Is there any separate endpoint to get these audit logs, or we need to apply any specific filter for these logs? I'm confused if eDiscovery logs are part of DLP logs or not. I know there is a different endpoint in Graph API for eDiscovery, but I want to know is there any way to get these logs using Management API.
Note that: eDiscovery logs are not part of the DLP logs in the Office 365 Management API.
- You cannot retrieve eDiscovery audit logs using the DLP API. You would need to use the Microsoft Graph API under the compliance section to access those specific logs.
You can list the ediscoveryCases using the Microsoft Graph API:
Make sure to grant eDiscovery.Read.All API permission.
GET https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases
You can also use the security endpoint to get eDiscovery audit logs.
GET https://graph.microsoft.com/v1.0/security/alerts
Based on the MsDoc the Office 365 Management Activity API includes audit logs for several services, but eDiscovery logs are not listed as one of the supported content types.
- eDiscovery events (such as creating or managing eDiscovery cases, holds, and searches) are not part of the content types listed in the API.
- These would need to be retrieved separately from the Microsoft Graph API, particularly from the Security & Compliance API or eDiscovery API.
Reference:
- eDiscovery logs are part of DLP logs in Office 365 Management API?
- Failed to validate the signature of the actionable message card Power Automate
- Office 365 IMAP authentication via OAuth2 and python MSAL library
- Office 365 Exchange Online permission is not visible for registered application in azure active directory
- Ruby & IMAP - Accessing Office 365 with Oauth 2.0
- Excel - How can we replace multiple characters or whole words in a cell using LAMBDA()
- Why I cant start Remote Assistance (msra.exe) via vba "shell" since Win 11/Office 365 update?
- Outlook Add-In unable to debug due to error connecting exchange email account
- How to convert big numbers between HEX and DEC in Excel without using VBA?
- Error: "OrganizationFromTenantGuidNotFound" (even with Microsoft 365 subscription)
- How to Fetch Change Log Data Programmatically in a JavaScript Excel Online Add-In?
- In powerapps, I'm getting the same error saying "name isn't valid" but which is incorrect as it has worked everywhere else?
- How to adjust width or position between label on y-axis?
- Office 364 Audit logs: Search-UnifiedAuditLog is not recognized as the name of a cmdlet
- Microsoft Graph API - Get profile picture with defined size
- Granting permissions to upload a file to sharepoint using PnP Powershell - 401 Unauthorized
- I can't get the folders from my sharepoint site, how can i resolve this?
- How to embed Image inline in Email Body using Microsoft Graph
- Responding to an Office 365 event invite via REST
- S/MIME Email Sent via Python and Microsoft Graph Works in Gmail but Not in Outlook
- How to create event by MS Graph with room as location?
- Extract Value from Array in Power Automate
- The SMTP server requires a secure connection or the client was not authenticated.(535 5.7.3)?
- Run VBA on smartphone
- How to assign cell values to an array with named arguments
- Difference between running a userform in Visual Basic Editor (F5) and opening it with Show?
- InefficientFilter error on Microsoft Graph requests which were previously working
- Set shape / inlineshape as Decorative in Word
- MailKit OAuth2 SMTP Office365 Send Mail
- Pass multiple PrincipleIDs to the roleassignments/addroleassignment endpoint inside SharePoint Online REST API