olangness
diff --git a/‎exchange/exchange-ps/exchange/policy-and-compliance-audit/Get-UnifiedAuditLogRetentionPolicy.md
Lines changed: 290 additions & 0 deletions b/‎exchange/exchange-ps/exchange/policy-and-compliance-audit/Get-UnifiedAuditLogRetentionPolicy.md
Lines changed: 290 additions & 0 deletions
@@ -0,0 +1,290 @@
+---
+external help file: Microsoft.Exchange.TransportMailflow-Help.xml
+online version: https://docs.microsoft.com/powershell/module/exchange/policy-and-compliance-audit/get-unifiedauditlogretentionpolicy
+applicable: Office 365 Security & Compliance Center
+title: Get-UnifiedAuditLogRetentionPolicy
+schema: 2.0.0
+author: chrisda
+ms.author: chrisda
+ms.reviewer:
+monikerRange: "o365scc-ps"
+---
+
+# Get-UnifiedAuditLogRetentionPolicy
+
+## SYNOPSIS
+This cmdlet is available only in Office 365 Security & Compliance Center PowerShell. For more information, see [Office 365 Security & Compliance Center PowerShell](https://docs.microsoft.com/powershell/exchange/office-365-scc/office-365-scc-powershell).
+
+Use the Get-UnifiedAuditLogRetentionPolicy cmdlet to view the properties of the audit log retention policies in your organization.
+
+For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://docs.microsoft.com/powershell/exchange/exchange-server/exchange-cmdlet-syntax).
+
+## SYNTAX
+
+```
+Get-UnifiedAuditLogRetentionPolicy
+ [-Operation <String>]
+ [-RecordType <AuditRecordType>]
+ [-RetentionDuration <UnifiedAuditLogRetentionDuration>]
+ [-UserId <String>]
+ [<CommonParameters>]
+```
+
+## DESCRIPTION
+Audit log retention policies are used to specify a retention duration for audit logs for that are generated by admin and user activity. An audit log retention policy can specify the retention duration based on the type of audited activities, the Office 365 service that activities are performed in, or the users who performed the activities. For more information, see [Manage audit log retention policies](https://docs.microsoft.com/microsoft-365/compliance/audit-log-retention-policies).
+ 
+You need to be assigned permissions in the Office 365 Security & Compliance Center before you can use this cmdlet. For more information, see [Permissions in Office 365 Security & Compliance Center](https://go.microsoft.com/fwlink/p/?LinkId=511920).
+
+## EXAMPLES
+
+### Example 1
+```powershell
+Get-UnifiedAuditLogRetentionPolicy | Sort-Object -Property Priority -Descending | Format-List Priority,Name,Description,RecordTypes,Operations,UserIds,RetentionDuration
+```
+
+This example lists the configurable properties for all audit log retention policies in your organization. The command also lists the policies in order of highest to lowest priority.
+
+### Example 2
+```powershell
+Get-UnifiedAuditLogRetentionPolicy -RecordType ExchangeItem | Format-List Name,Description,RecordTypes,Operations,UserIds,RetentionDuration,Priority
+```
+
+This example lists the configurable properties for all audit log retention policies that apply to audit records the record type of ExchangeItem.
+
+
+## PARAMETERS
+
+### -Operation
+The Operations parameter filters the results by the operations that are specified in the policy. For a list of the available values for this parameter, see [Audited activities](https://go.microsoft.com/fwlink/p/?LinkId=708432).
+
+To enter multiple values, use the following syntax: \<value1\>,\<value2\>,...\<valueX\>. If the values contain spaces or otherwise require quotation marks, use the following syntax: "\<value1\>","\<value2\>",..."\<valueX\>".
+
+```yaml
+Type: String
+Parameter Sets: (All)
+Aliases:
+Applicable: Office 365 Security & Compliance Center
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -RecordType
+The RecordType parameter filters the results by the record types that are defined in the policy. Valid values are:
+
+- AeD
+
+- AirInvestigation
+
+- ApplicationAudit
+
+- AzureActiveDirectory
+
+- AzureActiveDirectoryAccountLogon
+
+- AzureActiveDirectoryStsLogon
+
+- CRM
+
+- Campaign
+
+- ComplianceDLPExchange
+
+- ComplianceDLPSharePoint
+
+- ComplianceDLPSharePointClassification
+
+- ComplianceSupervisionExchange
+
+- CustomerKeyServiceEncryption
+
+- DLPEndpoint
+
+- DataCenterSecurityCmdlet
+
+- DataGovernance
+
+- DataInsightsRestApiAudit
+
+- Discovery
+
+- ExchangeAdmin
+
+- ExchangeAggregatedOperation
+
+- ExchangeItem
+
+- ExchangeItemAggregated
+
+- ExchangeItemGroup
+
+- HRSignal
+
+- HygieneEvent
+
+- InformationBarrierPolicyApplication
+
+- InformationWorkerProtection
+
+- Kaizala
+
+- LabelExplorer
+
+- MIPLabel
+
+- MailSubmission
+
+- MicrosoftFlow
+
+- MicrosoftForms
+
+- MicrosoftStream
+
+- MicrosoftTeams
+
+- MicrosoftTeamsAdmin
+
+- MicrosoftTeamsAnalytics
+
+- MicrosoftTeamsDevice
+
+- MicrosoftTeamsShifts
+
+- MipAutoLabelExchangeItem
+
+- MipAutoLabelSharePointItem
+
+- MipAutoLabelSharePointPolicyLocation
+
+- OfficeNative
+
+- OneDrive
+
+- PowerAppsApp
+
+- PowerAppsPlan
+
+- PowerBIAudit
+
+- Project
+
+- Quarantine
+
+- SecurityComplianceAlerts
+
+- SecurityComplianceCenterEOPCmdlet
+
+- SecurityComplianceInsights
+
+- SharePoint
+
+- SharePointCommentOperation
+
+- SharePointContentTypeOperation
+
+- SharePointFieldOperation
+
+- SharePointFileOperation
+
+- SharePointListItemOperation
+
+- SharePointListOperation
+
+- SharePointSharingOperation
+
+- SkypeForBusinessCmdlets
+
+- SkypeForBusinessPSTNUsage
+
+- SkypeForBusinessUsersBlocked
+
+- Sway
+
+- SyntheticProbe
+
+- TeamsHealthcare
+
+- ThreatFinder
+
+- ThreatIntelligence
+
+- ThreatIntelligenceAtpContent
+
+- ThreatIntelligenceUrl
+
+- WorkplaceAnalytics
+
+- Yammer
+
+```yaml
+Type: AuditRecordType
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -RetentionDuration
+The RetentionDuration parameter filters the policy results by the retention duration specified in the policy. Valid values are:
+
+- ThreeMonths
+
+- SixMonths
+
+- NineMonths
+
+- TwelveMonths
+
+```yaml
+Type: UnifiedAuditLogRetentionDuration
+Parameter Sets: (All)
+Aliases:
+Accepted values: ThreeMonths, SixMonths, NineMonths, TwelveMonths
+Applicable: Office 365 Security & Compliance Center
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -UserId
+The UserIds parameter filters the policy results by the ID of the users who are specified in the policy.
+
+To enter multiple values, use the following syntax: \<value1\>,\<value2\>,...\<valueX\>. If the values contain spaces or otherwise require quotation marks, use the following syntax: "\<value1\>","\<value2\>",..."\<valueX\>".
+
+```yaml
+Type: String
+Parameter Sets: (All)
+Aliases:
+Applicable: Office 365 Security & Compliance Center
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### CommonParameters
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216).
+
+## INPUTS
+
+###  
+
+## OUTPUTS
+
+###  
+
+## NOTES
+
+## RELATED LINKS