Is there a list of actions and their meanings of DLP (Data loss prevention) in Microsoft Purview's management audit log?

Alex Wei (RD-AS) 0 Reputation points
2024-01-17T03:52:55.4566667+00:00

I analysis audit log of o365, and the operation is

DLPRuleMatch

and the schema is in this document:

https://learn.microsoft.com/en-us/office/office-365-management-api/office-365-management-activity-api-schema#dlp-schema

I want to know what is inside the

PolicyDetails

field and rules, but I cannot find any document to describe the fields. Such as what is the full list of actions inside that. For example, I found some actions are:

"Actions": [
						"SPAccessTimeControl",
						"SPSharingNotifyUser",
						"SPSharingGenerateIncidentReport"
					],

But I can't find the meaning of these three actions, so where can I get:

  1. The full list of actions of the rules in the policies.
  2. The meaning of these actions.
  3. Other documents regarding the DLP audit log.

Thanks!

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
5,707 questions
Microsoft Purview
Microsoft Purview
A Microsoft data governance service that helps manage and govern on-premises, multicloud, and software-as-a-service data. Previously known as Azure Purview.
1,383 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.