Enterprise Vault.cloud™ Advanced eDiscovery User Guide

Last Published:
Product(s): Veritas Alta eDiscovery (Version Not Specified)
  1. About Enterprise Vault Advanced eDiscovery
    1.  
      Introducing Enterprise Vault Advanced eDiscovery
    2.  
      Advanced eDiscovery key features
    3.  
      About classification
    4.  
      Advanced eDiscovery term definitions
  2. Getting started with Advanced eDiscovery
    1.  
      Logging on to Advanced eDiscovery
    2. About the Advanced eDiscovery user interface
      1.  
        About the Investigations tab
      2.  
        About the E-Discovery tab
      3.  
        About the Administration tab
      4.  
        About the Alerts tab
      5.  
        About the Dashboard tab
      6.  
        About the Continuity tab
    3.  
      Accessing your own archived emails
  3. Advanced eDiscovery roles
    1.  
      About account roles and Advanced eDiscovery
    2.  
      Account role
    3.  
      Reviewer role
    4.  
      Administrator role
    5. Assigning roles for Advanced eDiscovery
      1.  
        Assigning the Reviewer role to an account
      2.  
        Assigning the Administrator role to an account
  4. Investigations
    1.  
      About Investigations
    2.  
      About the Managed Accounts node
    3.  
      Creating a label
    4.  
      Performing a new search of accounts (Investigations tab)
    5.  
      Saving a search of accounts (Investigations tab)
    6.  
      Viewing or modifying a saved search (Investigations tab)
    7.  
      Generating and exporting printable reports for searches (Investigations tab)
    8.  
      Deleting saved searches (Investigations tab)
    9.  
      Working with emails in the Investigations tab
    10.  
      Hiding and unhiding emails
    11.  
      Deleting emails permanently
    12.  
      About the Mail Reassignment node
    13.  
      Reassigning emails
    14.  
      Viewing email reassignment status
    15.  
      Canceling the email reassignment activity
    16.  
      Generating a Mail Reassignment status report
    17.  
      Sending notifications to the mail reassignment batch initiator
    18.  
      About Collaboration
    19.  
      Searching Collaboration messages during investigation
    20.  
      Applying tags to Collaboration messages during investigation
  5. Case management
    1.  
      About Targeted Collections
    2.  
      Configuring Targeted Collection for Microsoft Teams
    3.  
      About cases in the E-Discovery tab
    4.  
      Case workflow summary: Discovery Administrator
    5.  
      Customizing the case review status tags
    6.  
      Creating a case
    7.  
      Viewing the details of a case
    8.  
      Editing a case
    9.  
      Performing a new search of a case
    10.  
      Saving a search of a case
    11.  
      Viewing and modifying a saved search of a case
    12.  
      Applying a search-level legal hold
    13.  
      Assigning Research Sets to reviewers
    14.  
      Generating printable reports for searches
    15.  
      Searching and tagging Collaboration messages in E-Discovery
  6. Reviewing and working with emails in eDiscovery
    1.  
      About reviewing cases
    2.  
      Case workflow summary: reviewer
    3.  
      Reviewing emails of cases
    4.  
      Applying a case review status tag to emails
    5.  
      Applying tags to emails
    6.  
      Adding case notes to emails
    7.  
      Printing emails
    8.  
      Restoring emails
    9.  
      Forwarding emails
  7. Email export
    1.  
      Exporting emails
    2.  
      Sharing exports with Discovery administrators
    3.  
      Sharing exports with the external reviewers
    4.  
      Reviewing Export Status
    5.  
      Resubmitting failed export items
    6.  
      Option to maintain folder structure in the export
    7.  
      Canceling Export Batch
    8.  
      Email export FAQ
  8. Collaborative reports
    1.  
      About collaborative eDiscovery reporting
    2.  
      Report by email: Audit trail
    3.  
      Report by Case: Case History
    4.  
      Report by Case: Case Summary
    5.  
      Report by Archive: eDiscovery dashboard
  9. Advanced eDiscovery alerts
    1.  
      Creating an alert
  10. Email Continuity
    1.  
      Managing Email Continuity
    2.  
      Viewing Continuity emails
  11. Methods for searching cases and accounts
    1.  
      About Advanced Search
    2.  
      Search syntax for Advanced Search
    3.  
      About stop words and special characters
    4.  
      Phrase searches
    5. Boolean operator searches
      1.  
        AND operator search
      2.  
        OR operator search
      3.  
        NOT operator search
      4.  
        About using multiple Boolean operators
      5.  
        About using Boolean operators with phrase searches
      6.  
        About Boolean operators and special characters
    6.  
      Wildcard searches
    7.  
      Proximity searches
    8.  
      Double-byte character set searches
    9.  
      About enhanced searches in Japanese
    10.  
      Searchable attachment types
    11.  
      Search examples and tips
  12. Methods for searching tables and reports
    1.  
      About Quick Search and Criteria Search
    2.  
      Searching tables, lists, and reports
  13. Advanced eDiscovery Frequently Asked Questions
    1.  
      Frequently Asked Questions
  14. Best practices, limitations, and known issues
    1.  
      Best practices and limitations with Advanced eDiscovery
    2.  
      Known issues with Advanced eDiscovery
  15. Advanced eDiscovery updates in previous releases
    1.  
      About the Advanced eDiscovery updates in previous releases

Search examples and tips

Examples of using Basic, Advanced, and Quick Search

Suppose that you want to search for the messages that relate to the resetting of a password. You can enter password reset into the Search box and click Search to perform a Search. The space between password and reset is treated as an AND operator, so the returned results contain any messages that include both the word password and the word reset.

Suppose that you now decide to search for the phrase password reset, and to exclude from the results any emails that reference the word Box. You can use an Advanced Search for this purpose. Click the expand icon to display the Advanced Search options. Your original Search is now shown in the first criteria row.

Insert double quotation marks around password reset to specify it as a phrase. Then click + to add a second criteria row. In the new criteria row, select Doesn't Contain and enter Box in the text field.

Click Search to perform the Advanced Search. The search returns any items that do not contain Box but that contain the exact phrase password reset.

You could obtain the same results if you entered the following term in the Search bar:

"password reset" NOT box

Table: List of query search terms lists some possible query search terms along with examples.

Table: List of query search terms

Search term

Data type

Description

Example

_All, Entiremessage

Text

Searches through all default fields. Similar to simple search or not specifying a field.

_All:(test or test2)

"hello world"

Entiremessage:test

Attachments.content

Text

Search by attachment content.

Attachments.content: "Hello World"

Attachments.extension

Text

Search by attachment file type (PDF, DOC, docx, and so on.)

Attachments.extension:docx

Attachments.filename

Text

Search by the file name of the attachment.

Attachments.filename:Report.PDF

Attcount

Integer

Search by the amount of attachments.

Attcount:6

Attflag

Boolean

Search by whether there is an attachment.

Attflag:true

Atttext

Text

Search the content of the attachments.

Atttext:Computers

Atttypes

Text

Search by the attachment type.

Atttypes:PDF

Cc

Text

Search by carbon copy recipients.

Cc:JoeBlogs@example.com

Sender:*@example.com

Classification.tags

Text

Search by classification tags.

Classification.tags:PII

Hidden

Boolean

Search whether email is visible to end user or not.

Email Hidden:

Hidden:(1)

Email Visible:

NOT Hidden:(1)

Inbound

Boolean

Search inbound emails.

Inbound:false

Ipheader

IP Address

Search by the IP header of the email.

Specific IP Address:

Ipheader:(10.201.1.1)

IP Address using wildcards:

Ipheader:(10.*.1.1) AND Ipheader:(10.201.?.1)

Maildate

Date Time

Search by the date the message was sent.

Closed Range:

Maildate: [2018-01-01T00:00:00 TO 2019-12-31T23:59:59]

Open Range:

Maildate: {2018-01-01T00:00:00 TO 2019-12-31T23:59:59}

Messagesizeinkb

Floating Point Number

Search by total size of the email.

Messagesizeinkb:[2.5 TO 5]

Outbound

Boolean

Search whether a user sent the email.

Outbound:true

Sender

Text

Search by the sender address(es).

Sender:JoeBlogs@example.com

Sender:*@example.com

Subject

Text

Search by the subject of the email.

Subject:IT

Textbody

Text

Search the text content of the email.

Textbody: "Hello World!"

To

Text

Search by recipient.

To:JoeBlogs@example.com

To:*@example.com

Examples of Query Searches:

  • MailDate:[2016-05-14T05:00:00 TO 2019-06-18T08:00:00]

  • Messagesizeinkb:[0.0 TO 11.5]

  • Subject:(export OR report)

  • MailDate:[2016-05-14T05:00:00 TO 2019-06-18T08:00:00] AND subject:archive

  • Sender:(*@domain.com OR *@domain2.com OR *@domain3.com)

  • Atttypes:(pdf OR docx) AND atttext:process

  • Attachments.filename:(Report.PDF or Export.docx)

Searching the From, To, BCC and CC fields

The To, From, and From/To search options are available within an Advanced Search.

  • The To option provides search results from the To, BCC, and CC fields.

  • The From option provides search results from the From field.

  • The From/To option provides search results from the From and To fields.

Searching within specific email domains

One way to search for items within a specific domain is to enter the domain name in the To field of an Advanced Search.

You can use wildcards to search for results from a group of similar domains. For example mycloud* returns emails for the domains that begin with mycloud.