M365 Archive

RM562051 - Microsoft Purview: Data Loss Prevention - Enriched Audit Data for Matched Rules

Microsoft 365 Roadmap

Summary

When DLP rules detect policy violations in Exchange Online, they generate audit records that administrators rely on for compliance monitoring, incident investigation, and policy tuning. Previously, these records only showed Sensitive Information Type matches. This feature aims to extend that to sender domain, subject keywords, attachment type, or recipient information. Now they will be visible in alerts and Activity Explorer providing data enrichment to the administrators.

Roadmap ID

562051

View in M365 Roadmap

Published

May 12, 2026

Status

In development

Release

General Availability
Preview

Platforms

Web

Service

Microsoft Purview

Tag

In development
General Availability
Preview
Worldwide (Standard Multi-Tenant)

Cloud

Worldwide (Standard Multi-Tenant)

Description

When DLP rules detect policy violations in Exchange Online, they generate audit records that administrators rely on for compliance monitoring, incident investigation, and policy tuning. Previously, these records only showed Sensitive Information Type matches. This feature aims to extend that to sender domain, subject keywords, attachment type, or recipient information. Now they will be visible in alerts and Activity Explorer providing data enrichment to the administrators.

GA date: June CY2026

Preview date: May CY2026