Create E-Discovery Search
Creates an e-Discovery search.
- Least privileged Microsoft Graph permission to access the action via application:
eDiscovery.Read.All
. - Higher privileged Microsoft Graph permission to access the action via application:
eDiscovery.ReadWrite.All
.
External Documentation
To learn more, visit the Microsoft E-Discovery documentation.
Basic Parameters
Parameter | Description |
---|---|
Content Query | The query used for the search in Keyword Query Language. |
Description | The description of the search. |
Display Name | The display name of the search. |
E-Discovery Case ID | The e-Discovery case ID of the case that the search will belong to. Can be obtained by using the List Cases action. |
Advanced Parameters
Parameter | Description |
---|---|
Date Source Scopes | The option to search across all mailboxes or sites in the tenant. |
Example Output
{
"displayName": "My search 2",
"description": "My first search",
"contentQuery": "(Author=\"edison\")",
"custodianSources@odata.bind": [
"https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-4184-41c6-9eb7-8c8cc3e2288b/custodians/0053a61a3b6c42738f7606791716a22a/userSources/43434642-3137-3138-3432-374142313639",
"https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-4184-41c6-9eb7-8c8cc3e2288b/custodians/0053a61a3b6c42738f7606791716a22a/siteSources/169718e3-a8df-449d-bef4-ee09fe1ddc5d",
"https://graph.microsoft.com/beta/security/cases/ediscoveryCases('b0073e4e-4184-41c6-9eb7-8c8cc3e2288b')/custodians('0053a61a3b6c42738f7606791716a22a')/unifiedGroupSources('32e14fa4-3106-4bd2-a245-34bf0c718a7e')"
],
"noncustodialSources@odata.bind": [
"https://graph.microsoft.com/beta/security/cases/ediscoveryCases/b0073e4e-4184-41c6-9eb7-8c8cc3e2288b/noncustodialdatasources/35393639323133394345384344303043"
]
}
Workflow Library Example
Create E Discovery Search with Microsoft E Discovery and Send Results Via Email
Preview this Workflow on desktop