Yes. This was a report that was ran for management using SCC. It was identified after the fact that an email was sent that did not show up on the report. It appears SCC pulls from some data warehouse that has a delay compared to EAC. My issue is with Microsoft's response that SCC is not credible and the excuse that it's a preview, so that's somehow to be expected. First, it's not preview and went GA on 2/22/18. Second, if the search will not encompass emails sent within a certain period of the report being ran, it would be so easy to detect this and report to the user with a big red flag that the report "may not contain emails sent before [last data warehouse event]."

Ticket #11076270 if they have access to the details. I've gotten nowhere with MS over the past 3 days. Can't say that's not typical. We also have our MS reps looking into this as well. 

The Message Trace features in SCC and EAC use exactly the same back end query mechanisms.  So it is literally impossible for the data to exist in one and not the other.  What can happen, however, is that the result could be only one of the two data repositories that both admin experiences use.  Specifically:

1. short term data storage (7-10 day)
2. longer term data store (>10days to 90 days)

Depending on how you structure your query in each experience determines which source is searched - we never search both at the same time.  We think we made it much clearer in the new experience, but we also made it smarter at picking the best option vs. requiring an explicit decision.  If someone is used to an explicit decision, I can see why they might think the back end has changed.

Now, depending which data store doesn't have the message in question, it could be due to a data ingestion issue for that particular source, and should be troubleshot accordingly and escalated if necessary.  We do investigate issues of this nature, though we'll need to figure out which data storage and how long since the message was sent.  We do absolutely care about the credibility of Message Trace.

Scott, I appreciate your reply. Note, however, that the credibility statement was taken verbatim directly from a Microsoft employee.  If you have access to review the tickets, the ticket # was provided. I tried to get the matter escalated and the reply was requesting to close the ticket as the issue was not "recurring" and there was nothing the engineer could do. I requested management escalation no less than three times.

As for this incident, the email in question was sent approximately four hours before the report was ran, and it was a 90 day report. The filters have been verified and the email did not appear on the report. This means the reporting is not accurate without some sort of warning. Period.