New-SupervisoryReviewRule
此 cmdlet 仅在安全性 & 合规性 PowerShell 中可用。 有关详细信息,请参阅 安全性 & 合规性 PowerShell。
使用 New-SupervisoryReviewRule cmdlet 在Microsoft Purview 合规门户中创建监督评审规则。 监管审核允许你定义捕获组织中通信的策略,以便内部或外部审阅者检查通信。
有关以下语法部分的参数设置的详细信息,请参阅 Exchange cmdlet 语法。
语法
New-SupervisoryReviewRule
[-Name] <String>
-Policy <PolicyIdParameter>
[-CcsiDataModelOperator <String>]
[-Condition <String>]
[-Confirm]
[-ContentContainsSensitiveInformation <PswsHashtable[]>]
[-ContentMatchesDataModel <String>]
[-ContentSources <String[]>]
[-DayXInsights <Boolean>]
[-ExceptIfFrom <MultiValuedProperty>]
[-ExceptIfRecipientDomainIs <MultiValuedProperty>]
[-ExceptIfRevieweeIs <MultiValuedProperty>]
[-ExceptIfSenderDomainIs <MultiValuedProperty>]
[-ExceptIfSentTo <MultiValuedProperty>]
[-ExceptIfSubjectOrBodyContainsWords <MultiValuedProperty>]
[-From <MultiValuedProperty>]
[-IncludeAdaptiveScopes <String[]>]
[-InPurviewFilter <String>]
[-Ocr <Boolean>]
[-SamplingRate <Int32>]
[-SentTo <MultiValuedProperty>]
[-WhatIf]
[<CommonParameters>] 说明
若要在安全性 & 合规性 PowerShell 中使用此 cmdlet,需要分配权限。 有关详细信息,请参阅 Microsoft Purview 合规门户中的权限。
示例
示例 1
New-SupervisoryReviewRule -Name "EU Brokers Rule" -Policy "EU Brokers Policy" -SamplingRate 100 -Condition "((NOT(Reviewee:US Compliance)) -AND (Reviewee:EU Brokers) -AND ((trade) -OR (insider trading)) -AND (NOT(approved by the Contoso financial team)))"本示例使用以下设置创建名为“EU Brokers Rule”的新监管审核规则:
- 策略:欧盟经纪人政策
- 采样率:100%
- 条件:监督包含“贸易”或“内幕交易”字眼的欧盟经纪人集团成员的入站和出站通信。
- 例外:排除对欧盟合规性组成员的监督,或包含“经 Contoso 财务团队批准”短语的消息。
参数
-CcsiDataModelOperator
{{ Fill CcsiDataModelOperator Description }}
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Condition
Condition 参数指定规则的条件和例外情况。 此参数使用以下语法:
- 用于监督的用户或组通信:
"((Reviewee:<emailaddress1>) -OR (Reviewee:<emailaddress2>)...)"。 异常使用语法"(NOT((Reviewee:<emailaddress1>) -OR (Reviewee:<emailaddress2>)...))"。 - 方向:
"((Direction:Inbound) -OR (Direction:Outbound) -OR (Direction:Internal))"。 - 消息包含字词:
"((<Word1orPhrase1>) -OR (<Word2orPhrase2>)...)"。 异常使用语法"(NOT((<Word1orPhrase1>) -OR (<Word2orPhrase2>)...))"。 - 任何附件都包含字词:
"((Attachment:<word1>) -OR (Attachment:<word2>)...)"。 异常使用语法"(NOT((Attachment:<word1>) -OR (Attachment:<word2>)...))"。 - 任何附件的扩展名为 :
"((AttachmentName:.<extension1>) -OR (AttachmentName:.<extension2>)...)"。 异常使用语法"(NOT((AttachmentName:.<extension1>) -OR (AttachmentName:.<extension2>)...))"。 - 消息大小大于:
"(MessageSize:<size in B, KB, MB or GB>)"。 例如"(MessageSize:300KB)"。 异常使用语法"(NOT(MessageSize:<size in B, KB, MB or GB>))"。 - 任何附件都大于:
"(AttachmentSize:<size in B, KB, MB or GB>)"。 例如"(AttachmentSize:3MB)"。 异常使用语法"(NOT(AttachmentSize:<size in B, KB, MB or GB>))"。 - 整个筛选器周围需要括号 ( ) 。
- 使用 AND 运算符分隔多个条件或异常类型。 例如,
"((Reviewee:chris@contoso.com) -AND (AttachmentSize:3MB))"。
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Confirm
Confirm 开关指定是否显示确认提示。 此开关对 cmdlet 造成的影响取决于在你继续操作之前 cmdlet 是否需要确认。
- 破坏性 cmdlet (例如,Remove-* cmdlet) 具有内置的暂停,该暂停会强制你在继续操作之前确认命令。 对于这些 cmdlet,您可以使用此确切语法跳过确认提示:
-Confirm:$false。 - 大多数其他 cmdlet (例如,New-* 和 Set-* cmdlet) 没有内置暂停。 对于这些 cmdlet,指定不含值的 Confirm 开关会引入暂停,从而强制要求你先确认命令,然后再继续操作。
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-ContentContainsSensitiveInformation
{{ Fill ContentContainsSensitiveInformation Description }}
| Type: | PswsHashtable[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-ContentMatchesDataModel
{{ Fill ContentMatchesDataModel Description }}
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-ContentSources
{{ Fill ContentSources Description }}
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-DayXInsights
{{ Fill DayXInsights Description }}
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-ExceptIfFrom
{{ Fill ExceptIfFrom Description }}
| Type: | undefined |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-ExceptIfRecipientDomainIs
{{ Fill ExceptIfRecipientDomainIs Description }}
| Type: | MultiValuedProperty |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-ExceptIfRevieweeIs
{{ Fill ExceptIfRevieweeIs Description }}
| Type: | MultiValuedProperty |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-ExceptIfSenderDomainIs
{{ Fill ExceptIfSenderDomainIs Description }}
| Type: | MultiValuedProperty |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-ExceptIfSentTo
{{ Fill ExceptIfSentTo Description }}
| Type: | undefined |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-ExceptIfSubjectOrBodyContainsWords
{{ Fill ExceptIfSubjectOrBodyContainsWords Description }}
| Type: | MultiValuedProperty |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-From
{{ 从说明填充 }}
| Type: | undefined |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-IncludeAdaptiveScopes
{{ Fill IncludeAdaptiveScopes Description }}
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-InPurviewFilter
{{ Fill InPurviewFilter Description }}
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Name
Name 参数指定监管审核规则的唯一名称。 该名称长度不得超过 64 个字符。 如果值包含空格,则使用引号 (") 括住该值。
| Type: | String |
| Position: | 1 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Ocr
{{ Fill Ocr Description }}
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-Policy
Policy 参数指定分配给规则的监督评审策略。 可以使用任何能够唯一标识该策略的值。 例如:
- 名称
- 可分辨名称 (DN)
- GUID
| Type: | PolicyIdParameter |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-SamplingRate
SamplingRate 参数指定等待审阅的通信的百分比。 如果希望审阅者查看所有已检测的项目,请使用值 100。
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-SentTo
{{ Fill SentTo Description }}
| Type: | undefined |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
-WhatIf
WhatIf 开关在安全 & 合规性 PowerShell 中不起作用。
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |