eDiscovery Rules
1 detection rule in this category.
| Rule | Severity | MITRE | Source |
|---|---|---|---|
| eDiscovery search exported | Critical | T1213.002 | AuditLog |
eDiscovery search exported
| Property | Value |
|---|---|
| Severity | 🔴 Critical |
| Source | AuditLog |
| MITRE | T1213.002 (Collection) |
eDiscovery search results exported - potential data exfiltration
Conditions
- Match: all
OperationEqualsNew-ComplianceSearchActionParameters.ActionEqualsExport