Jun 04 2021 09:56 AM - edited Jun 08 2021 06:43 AM
Hello,
We are using Exchange Online Unified DLP Moderation features (the DLP Action "Forward the message for approval to specific approvers") and have not been able to find any reporting capabilities for this feature. Also, the approval / deny actions don't seem to show up in message traces -- at least as far as I can tell. (If this is documented somewhere please point this out to me.)
I'd like to be able to report on the total number of messages that entered the moderation workflow, how many were approved, denied, and timed out (the approver took no action). I'd also like the ability to capture a reason for the approval or denial action.
Anyone? Is any of this partially possible?
Brian Clark
Jun 04 2021 11:29 PM
Jun 07 2021 12:30 PM
@VasilMichev
Thanks for your response. The "moderation" feature we are using is the DLP Action "Forward the message for approval to specific approvers". See attached DLP approval workflow screenshot to see how this option looks in my tenant.
The term "moderation" comes from the "ExModerate" Rule Action that is shown in the DLP event Activity Details screen in the Data Loss Prevention Activities Explorer. See attached DLP exmoderate screenshot to see how this looks in my tenant.
As you can see from the Activity Details, you are unable to see the result of the ExModerate Rule Action. Did the approver approve or deny the message? I cannot see that in the Activity Details.
I have also looked in my DLP Alerts and have not been able to find out the approval/denial action.
Any other ideas on where I can get this information?
Thanks,
Brian
Jun 08 2021 12:21 AM