eDiscovery in Microsoft Purview is a compliance solution that helps organizations search, preserve, and export Microsoft 365 data for legal and regulatory purposes. It enables administrators to identify relevant content across Exchange Online, SharePoint, OneDrive, and Teams during investigations or audits.
eDiscovery is part of Microsoft Purview compliance portal and is designed to help organizations:
It allows admins to search across multiple workloads from a single interface.
Try the M365Corner Microsoft 365 Reporting Tool โ your DIY pack with 20+ out-of-the-box M365 reports for Users, Groups, and Teams.
| Feature | Core eDiscovery | Premium eDiscovery |
|---|---|---|
| Content Search | โ | โ |
| Case Management | โ | โ |
| Legal Hold | โ | โ |
| Advanced Analytics | โ | โ |
| Review Sets | โ | โ |
๐ Insight:
Most small-to-mid admins use Core, but Premium is where enterprise/legal teams live.
eDiscovery can search across:
This is where you push internal linking ๐
Always apply a legal hold before conducting investigations to ensure that critical data is preserved and not permanently deleted.
eDiscovery in Microsoft 365 is a compliance feature within Microsoft Purview that allows administrators to search, preserve, and export organizational data for legal and regulatory purposes. It helps identify relevant information across services like Exchange Online, SharePoint, OneDrive, and Microsoft Teams during investigations.
Core eDiscovery provides basic capabilities such as content search, case management, and legal hold. Premium eDiscovery includes advanced features like data analytics, review sets, deduplication, and relevance scoring, making it suitable for complex legal investigations and large-scale data analysis.
Yes, eDiscovery can search Microsoft Teams chats, including both private chats and channel messages. These messages are stored in Exchange Online mailboxes, allowing them to be included in eDiscovery searches alongside emails and documents.
eDiscovery is available in the Microsoft Purview compliance portal. Administrators can access it by navigating to the Purview portal and selecting the eDiscovery (Core) or eDiscovery (Premium) solutions under the compliance features.
eDiscovery can search data across multiple Microsoft 365 services, including emails in Exchange Online, documents in SharePoint Online, files in OneDrive for Business, and chat messages in Microsoft Teams. This centralized search capability helps streamline investigations.
Yes, administrators must have appropriate permissions, such as being assigned to eDiscovery Manager or eDiscovery Administrator roles in Microsoft Purview. Without these roles, access to eDiscovery features will be restricted.
A legal hold (also known as a case hold) preserves content relevant to an investigation by preventing it from being deleted or modified. This ensures that critical data remains intact during legal or compliance processes.
Core eDiscovery is available in most Microsoft 365 enterprise plans, while Premium eDiscovery requires higher-tier licenses such as Microsoft 365 E5 or add-on compliance licenses. Availability may vary depending on the subscription.
eDiscovery in Microsoft Purview is a critical tool for Microsoft 365 administrators managing compliance and legal investigations. Understanding its capabilities ensures that organizations can efficiently locate and preserve data when it matters most.
Did You Know? Managing Microsoft 365 applications is even easier with automation. Try our Graph PowerShell scripts to automate tasks like generating reports, cleaning up inactive Teams, or assigning licenses efficiently.
Ready to get the most out of Microsoft 365 tools? Explore our free Microsoft 365 administration tools to simplify your administrative tasks and boost productivity.
© Created and Maintained by LEARNIT WELL SOLUTIONS. All Rights Reserved.