Remove-AuditConfigurationRule
This cmdlet is functional only in Security & Compliance PowerShell. For more information, see Security & Compliance PowerShell.
Use the Remove-AuditConfigurationRule cmdlet to remove audit configuration rules.
For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.
Syntax
Remove-AuditConfigurationRule
[-Identity] <PolicyIdParameter>
[-Confirm]
[-DomainController <Fqdn>]
[-WhatIf]
[<CommonParameters>]
Description
To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see Permissions in the Microsoft Purview compliance portal.
Examples
Example 1
Remove-AuditConfigurationRule 989a3a6c-dc40-4fa4-8307-beb3ece992e9
This example removes the audit configuration rule named 989a3a6c-dc40-4fa4-8307-beb3ece992e9.
Parameters
-Confirm
The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.
- Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax:
-Confirm:$false
. - Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Online, Security & Compliance |
-DomainController
This parameter is reserved for internal Microsoft use.
Type: | Fqdn |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-Identity
The Identity parameter specifies the audit configuration rule that you want to remove. The name of the rule is a GUID value. For example, 989a3a6c-dc40-4fa4-8307-beb3ece992e9. You can find the name value by running the following command: Get-AuditConfigurationRule | Format-List Name,Workload,AuditOperation,Policy.
Type: | PolicyIdParameter |
Position: | 1 |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
Applies to: | Security & Compliance |
-WhatIf
The WhatIf switch doesn't work in Security & Compliance PowerShell.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Applies to: | Exchange Online, Security & Compliance |