Endpoint DLP Collection Evidence on Devices

Hello team, 

I am trying to setup the feature collect evidence when endpoint DLP match.

Official feature documentation:

https://learn.microsoft.com/en-us/purview/dlp-copy-matched-items-learn

https://learn.microsoft.com/en-us/purview/dlp-copy-matched-items-get-started

unfortunately, it is not working as described in the official documentation, I opened ticket with Microsoft support and MIcrosoft Service Hub, Unfortunatetly, they don't know how to setup it, or they are unable to solve the issue.

Support ticket: 
TrackingID#26040XXXXXXX9201
Service Hub ticket: 

https://support.serviceshub.microsoft.com/supportforbusiness/onboarding?origin=/supportforbusiness/create

TrackingID#26040XXXXXXXX924

I follow the steps to configure:

based on the Microsoft documentation, I should be able to see the evidence in Activity explorer or Purview DLP alert or Defender Alerts/Incidents.