AvePoint Learn
Request article
Contact support
Request article
Contact support
English

Home > Security Control > Perform a Security Search

Export to PDF

Perform a Security Search

Security Search supports searching Administrator permissions, including inherited permissions and explicit permissions.

If there are a large number of Microsoft 365 objects, to improve the performance of concurrent security search jobs, you can use multiple accounts to run jobs by building an account pool in AvePoint Online Services. For more information on building an account pool, refer to Manage Account Pool (Obsolete).

Use Security Search Form Mode

Security Search Form Mode offers the ability to run a quick security search by providing a truncated version of all of the search settings on one page.

To perform a security search using the form mode, complete the following steps:

  1. Select the Scope of the content (from group level to item level).

  2. Click Security > Security Search > Security Search Form Mode. The Security Search Form Mode tab appears.

  3. Enter a Plan Name for the plan. A default plan name in the format Security SearchHH:MM:SS YYYY-MM-DD is provided. Click Check next to the plan name to check whether the specified plan name is available. A green check mark indicates that the specified plan name is available. A warning message appears if the specified plan name already exists and some suggested plan names are listed beneath.

  4. Add an optional Description if desired.

  5. Configure the User Type to define the user types that you would like to include in your security search.

    • Select All – Search the users of the following three user types.

    • External Users – Search the users out of SharePoint.

    • Users with Guest Links – Search the users that access documents in the selected node using a guest link.

    • User andGroup – Search the existing users and groups in SharePoint.

  6. Enter the User and Group for which to search.

    • Use the people picker to specify the Microsoft Entra users/groups that you want to include in or exclude from this security search. Click the Check Names icon to verify the entered names, or click the Browse icon to browse through a list of names.

    • Use the SharePoint Groups text box to specify the SharePoint groups that you want to include in this security search. These names will not be validated against SharePoint. Thus, make sure you spell them correctly.

    Note that if no users or groups are specified in the User and Group field, all of the users or groups under the specified nodes are searched.

  7. Configure the Permission Settings to limit the users or contents searched according to the permissions assigned to them.

    • Has Permissions – Limit the search result based upon the permission; these include Search for any Permission, Administrator, Full Control, Design, Edit, Contribute, Read, View Only, and Limited Access. After selecting the relevant permissions, click Details to view the detailed information of this permission. To search for custom permission levels, select the Custom Permission Levels option, and then enter the names of the permission levels into the text box below, separated by semicolons.

      We search for permissions based on permission details of SharePoint Online built-in permission levels and custom permission levels, not based on permission level names.

    • Exact permission – Match the search result with the exact permission selected, while Exact permission or better matches the search result with users or content whose permission is no less than the selected permission.

    • Include inherited permissions – Select this option to include the users' and groups’ permissions for those SharePoint objects inheriting permission settings from their parent nodes. By choosing this option, you will see a result of all of the permission levels granted to the SharePoint objects you’ve selected for this plan. Note that selecting this option will slow down the search speed.

  8. In the Search Level field, designate the SharePoint object levels where you want to search for specific permissions by selecting the corresponding checkboxes. Only the permissions for the selected levels will be included in the search result. Limiting the search scope will greatly improve Security Search performance and provide more accurate results.

  9. In the Search Filter field, use the drop-down lists to add a filter rule specifying which objects or data within each SharePoint level will be searched. Click Add to add the rule to the list. For more information related to search filters, refer to Table of Filter Conditions.

    • Change the logical relationship between two or more filter rules by clicking And/Or to the right of the list entry: if And is selected, the content that meets all rules is displayed; if Or is selected, the content that meets one of the rules is displayed.

    • The Basic Filter Conditions field lists the logical relationship between the filter rules.

    • If desired, click the down arrow beside the filter rule number to reorder filter rules of the same level.

    If no filter policy is specified in the Search Filter pane, all objects or data under the specified nodes are searched.

  10. Choose whether to Exclude Hidden Lists from the search results.

  11. Choose whether to Exclude System Lists from the search results.

  12. Select a previously created Export Location for storing the search result reports of this plan. After a job of this plan is finished, the search results will be exported to a report file and stored in the selected export location.

    To create a new export location, select New Export Location in the drop-down list. For detailed instructions on how to create an export location, refer to Configure Export Locations.

    Separate reports based on site collections – This checkbox will appear if the selected scope contains multiple site collections and the selected export location is a SharePoint Online document library. By selecting this checkbox, security search reports will be separated based on site collections and exported to the automatically generated folders in the defined document library, one folder per site collection. You need to select an option below:

    • Overwrite the existing reports – If you select this option, the newly generated reports will overwrite the existing reports every time you run this plan. The security search report name will be in the format of Security_Search_Report_SiteCollectionName_PlanID.

    • Create new reports – If you select this option, new reports will be generated every time you run this plan. The security search report name will be in the format of Security_Search_Report_SiteCollectionName_Date.

  13. Select a scheduling option:

    • No schedule – Select this option to run a security search without a schedule.

    • Configure the schedule myself – Select this option to configure a customized schedule, and run the security search by schedule. Fill in the parameters according to your desired schedule. After configuring the schedule for the search, click Calendar View to view the scheduled search by day, week, or month.

  14. Select a previously-created user notification profile from the Notification drop-down list, or select New Notification to configure a new user notification. You can click View to view the detailed information of the selected user notification profile.

  15. Click OK or Save and Run Now on the lower-right section of the screen. The security search plan is now listed in Plan Manager.

Use a Predefined Search

Start with a Predefined Search offers the ability to apply a predefined search profile on a newly-specified scope. To start a predefined search, complete the following steps:

  1. Select the Scope of the content (from group level to item level).

  2. Click Security > Security Search > Start with a Predefined Search. The predefined search screen appears.

  3. Select a predefined search profile from the drop-down list. The information for the selected search job displays in the Summary section.

  4. Click Search from the lower-right section of the screen to start this search job.

Ensure that the predefined search profile is applied on a scope level no lower than the top filter level specified in the search profile. For example, if you have set up search filter rules on the site collection level and site level in a predefined profile, the node level for starting with a predefined search must be equal to or higher than the site collection level.