New-ComplianceCase

This cmdlet is available only in Security & Compliance PowerShell. For more information, see Security & Compliance PowerShell.

Use the New-ComplianceCase cmdlet to create eDiscovery cases in the Microsoft Purview compliance portal. You use eDiscovery cases to place content locations on hold, perform Content Searches associated with the case, and export search results.

For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.

Syntax

New-ComplianceCase
   [-Name] <String>
   [-CaseType <ComplianceCaseType>]
   [-Confirm]
   [-Description <String>]
   [-DomainController <Fqdn>]
   [-ExternalId <String>]
   [-SecondaryCaseType <String>]
   [-SourceCaseType <String>]
   [-WhatIf]
   [<CommonParameters>]

Description

To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see Permissions in the Microsoft Purview compliance portal.

Examples

Example 1

New-ComplianceCase -Name "Fabrikam Litigation"

This example creates a new eDiscovery Standard case named Fabrikam Litigation.

Example 2

New-ComplianceCase -Name "Coho Case 03082020" -CaseType AdvancedEdiscovery -ExternalId "SaraDavis v. Coho Winery"

This example creates a new eDiscovery Premium case named Coho Case 03082020 and specifies an optional case Id of "SaraDavis v. Coho Winery".

Parameters

-CaseType

The CaseType parameter specifies the type of compliance case that you want to create. Valid values are:

  • AdvancedEdiscovery: eDiscovery Premium cases are used to manage legal or other types of investigations.
  • ComplianceClassifier: This type of case corresponds to a trainable classifier.
  • ComplianceWorkspace: This value is reserved for internal Microsoft use.
  • DataInvestigation: Data investigation cases are used to investigate data spillage incidents.
  • DSR: Data Subject Request (DSR) cases are used to manage General Data Protection Regulation (GDPR) DSR investigations.
  • eDiscovery: eDiscovery (also called eDiscovery Standard) cases are used to manage legal or other types of investigations. This is the default value.
  • InsiderRisk: Insider risk cases are use to manage insider risk management cases. Typically, insider risk management cases are manually created in the Microsoft Purview compliance portal to further investigate activity based on a risk alert.
  • InternalInvestigation: This value is reserved for internal Microsoft use.
  • SupervisionPolicy: This type of case corresponds to communication compliance policy.
Type:ComplianceCaseType
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance

-Confirm

The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.

  • Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: -Confirm:$false.
  • Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.
Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance

-Description

The Description parameter specifies a description for the compliance case. The maximum length is 256 characters. If the value contains spaces, enclose the value in quotation marks (").

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance

-DomainController

This parameter is reserved for internal Microsoft use.

Type:Fqdn
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance

-ExternalId

The ExternalId parameter specifies an optional ID or external case number that you can associate with the new compliance case.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance

-Name

The Name parameter specifies the unique name of the compliance case. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks (").

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance

-SecondaryCaseType

This parameter is reserved for internal Microsoft use.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance

-SourceCaseType

This parameter is reserved for internal Microsoft use.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance

-WhatIf

The WhatIf switch doesn't work in Security & Compliance PowerShell.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance