Configure permissions filtering for eDiscovery

Brass Contributor

I am trying to use permission filtering to give Legal and Compliance dept access to run eDiscovery searches for Stream videos only. This support article ( explains how to do this, however I am unable to get this to work, more so, using the examples from the article fails to yield expected results. I want to build a filter using the following criteria: (1) prevent searching of Exchange Online (EXO) mailboxes, and (2) allow searching of OneDrive only where a specific retention tag is used (SPO).


Here is a cmdlet that should do this: 


New-ComplianceSecurityFilter -FilterName LC-Stream -Users email address removed for privacy reasons -Filters "Mailbox_Alias -notlike '*'", "SiteContent_ComplianceTag -eq '4 year retention and then review'" -action all

eDiscovery RESULT:
EXO - nothing
SPO - nothing


As mentioned above, I tried using examples from this article to only show content for OneDrive or prevent mailbox searches, but the filters when applied verbatim from the article simply don't work.  Has anyone tried working with these?  I am open to using another method to accomplish the task at hand.

0 Replies