8,330 questions
Action 'Get-LabelPolicy' and 'Get-AutoSensitivityLabelPolicy' by User '<SNIP-PII>'
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
We have been receiving detections related to User Access Sensitivity Label Policy with actions stating these commands have been executed 'Get-LabelPolicy' and 'Get-AutoSensitivityLabelPolicy'. The user.id associated with it is named '<SNIP-PII>'
As what I've understand it appears to be that the user's information that initiated this has been redacted. Am I understanding this correctly? I want some insights would be glad to know about it.
Thank you!
Windows for business | Windows Server | User experience | PowerShell
Microsoft Security | Intune | Compliance
198 questions
{count} vote
-
Anonymous
2024-10-07T01:23:03.93+00:00 @Anonymous Thanks for posting in our Q&A.
For this issue, it seems not related to intune. Based on my research, it seems more related to Security & Compliance PowerShell. To get more help, I will add "PowerShell" tag. Hope someone else will share some information.
Thanks for your understanding.
Sign in to comment
Sign in to answer