Forum Discussion

kwoldhagen's avatar
kwoldhagen
Copper Contributor
Jul 14, 2025

Compliance search is not returning any data (Powershell)

At our organization, we have an SOP for purging phishing emails from all mailboxes. Part of that is creating a search and then examining it for any legit emails before going on to the purge step. The commands below are no longer returning any data, and they used to work.  What has changed?

PS C:\Windows\system32> Connect-IPPSSession -UserPrincipalName email address removed for privacy reasons

PS C:\Windows\system32> New-ComplianceSearch -Name "Broken" -ExchangeLocation All -ContentMatchQuery 'Subject:"invoice"'

Name   RunBy JobEndTime Status

----   ----- ---------- ------

Broken                  NotStarted

PS C:\Windows\system32> Start-compliancesearch -identity "broken"

PS C:\Windows\system32> Get-compliancesearch -identity "broken"

Name   RunBy             JobEndTime           Status

----   -----             ----------           ------

Broken admin 7/14/2025 8:17:09 PM Completed

PS C:\Windows\system32> Get-ComplianceSearch -Identity "broken" | 

>> Select-Object Name, Status, ItemsFound, Size, CreatedBy, CreatedTime | 

>> Export-Csv -Path "C:\filename.csv" -NoTypeInformation

The resultant .csv has only the headers, but no information about emails, so any purge commands have nothing to purge. 

Thank you

compliance
ediscovery
email
microsoft purview
Microsoft Search
powershell

1 Reply

  • Kidd_Ip's avatar
    Kidd_Ip
    MVP
    Jul 18, 2025

    Seems quite similar case with this, please try to fix by the following:

     

    • Verify Role Assignments:
      • Go to Purview > Roles & Permissions and confirm you're in the Organization Management group.
      • Do the same in Exchange Admin Center—these groups are granular and must be assigned separately.
    • Run Search via Portal: As a test, create the same search in the Purview portal. If it returns results there, the issue is likely with how PowerShell is linking the search to your user context.
    • Check for Ownership Issues: Searches might only be visible to the user who created them. If automation or service accounts are used, make sure they have the right visibility.
    • Audit Logs: Review audit logs in Purview to confirm whether the search actually processed any mailboxes.
    • Module Versions: Ensure you’re using the latest version of the ExchangeOnlineManagement and Security & Compliance modules. Older versions can cause silent failures.

    Can't See Compliance Search Results in Purview Portal When Search Is Initiated via PowerShell - Microsoft Q&A

Resources