Glossary
This page provides a comprehensive list of activities, grouped by categories, with detailed descriptions and examples for each. You can search for specific activities, explore them by group, and view practical examples to better understand their purpose and usage. Whether you are managing compliance, monitoring processes, or analyzing data, this glossary will help you quickly find the information you need.
| Group | Title | Definition | Examples |
|---|---|---|---|
| File and page activities | Access file | The activity is recorded when a user or system opens, previews, or views a file in a supported platform (e.g., SharePoint Online, OneDrive for Business, Teams, or other connected systems) without editing or altering its content. | Opening a document in read-only mode; Previewing a document; Viewing a document; Accessing a file through an API call or automated process; Downloading a file from its original location |
| File and page activities | Changed retention label for a file | The activity is recorded when the retention label of a file is updated to change its retention period or classification. | Changing the retention label from 'General' to 'Confidential'; Applying a retention policy to a file |
| File and page activities | Deleted file marked as a record | The activity is recorded when a file marked as a record is deleted, indicating it was part of a compliance process. | Deleting a document that is marked as a record for compliance; Attempting to delete a record-protected file |
| File and page activities | Checked in file | The activity is recorded when a user checks in a file after making changes or edits. | Checking in a document after edits in SharePoint; Saving changes to a file and completing the check-in process |
| File and page activities | Changed record status to locked | The activity is recorded when the record status of a file is updated to locked, preventing further changes. | Locking a document to prevent editing; Updating record status for compliance |
| File and page activities | Changed record status to unlocked | The activity is recorded when the record status of a file is updated to unlocked, allowing modifications. | Unlocking a document to allow editing; Changing record status to enable updates |
| File and page activities | Checked out file | The activity is recorded when a user checks out a file to make changes exclusively. | Checking out a document in SharePoint to edit; Locking a file for exclusive edits |
| File and page activities | Copied file | The activity is recorded when a user or system makes a copy of a file. | Copying a document to a different folder; Duplicating a file for review purposes |
| File and page activities | Discarded file checkout | The activity is recorded when a user discards the check-out status of a file, reverting it to its previous state. | Discarding changes made during a checkout; Canceling the check-out status of a file |
| File and page activities | Deleted file | The activity is recorded when a file is deleted from its current location. | Deleting a file in SharePoint or OneDrive; Removing a document from a shared folder |
| File and page activities | Deleted file from recycle bin | The activity is recorded when a file is deleted from the first-stage recycle bin. | Permanently deleting a file from the recycle bin; Clearing the recycle bin manually |
| File and page activities | Deleted file from second-stage recycle bin | The activity is recorded when a file is permanently deleted from the second-stage recycle bin. | Deleting a file from second-stage recovery; Permanently removing a document |
| File and page activities | Detected document sensitivity mismatch | The activity is recorded when a file's sensitivity label is inconsistent with its content or policy. | Detecting confidential content in an unlabeled file; Mismatch in sensitivity classification |
| File and page activities | Detected malware in file | The activity is recorded when malware is detected in a file. | Scanning a file and detecting malware; Flagging a file as containing malicious content |
| File and page activities | Downloaded file | The activity is recorded when a user downloads a file from a supported location. | Downloading a document from SharePoint; Exporting a file for offline use |
| File and page activities | Modified file | The activity is recorded when a user or system makes changes to a file. | Editing a document in Word Online; Saving changes to a file |
| File and page activities | Moved file | The activity is recorded when a file is moved from one location to another. | Moving a file to a new folder; Relocating a document to another library |
| File and page activities | Uploaded file | The activity is recorded when a file is uploaded to a supported location. | Uploading a file to SharePoint; Adding a document to a shared folder |
| File and page activities | Viewed page | The activity is recorded when a user views a page. | Viewing a SharePoint page; Accessing a site homepage |
| File and page activities | Performed search query | The activity is recorded when a user performs a search query within a platform. | Searching for a file using keywords; Running a query in a SharePoint site |
| Information protection and DLP activities | Matched DLP rule | The activity is recorded when a file, email, or data matches a configured Data Loss Prevention (DLP) rule. | A document containing sensitive information like credit card numbers triggered a DLP rule; An email attachment matched a configured DLP rule |
| Information protection and DLP activities | Removed DLP rule from document | The activity is recorded when a DLP rule is manually or programmatically removed from a document. | Removing a DLP rule tag from a file; Clearing DLP classification for a document |
| Information protection and DLP activities | Applied sensitivity label to an email | The activity is recorded when a sensitivity label is applied to an email for classification or protection. | Applying a 'Confidential' sensitivity label to an email; Tagging an email with an encryption-based sensitivity label |
| Information protection and DLP activities | Matched auto-labeling policy rule | The activity is recorded when an auto-labeling policy rule matches content and applies labels automatically. | An auto-labeling policy flagged a document for containing sensitive keywords; Automatically applying a sensitivity label to a file |
| Information protection and DLP activities | Generated auto-labeling simulation feedback | The activity is recorded when feedback is generated as part of running an auto-labeling simulation. | Simulating auto-labeling for documents; Feedback identifies areas where labels would apply |
| Information protection and DLP activities | Generated auto-labeling simulation statistics | The activity is recorded when statistical data is generated during an auto-labeling simulation. | Generating statistics for auto-labeling simulation; Quantifying the number of files affected by labeling rules |
| Information protection and DLP activities | Completed auto-labeling policy simulation | The activity is recorded when an auto-labeling policy simulation has successfully completed. | Completing the simulation of auto-labeling policies; Assessing the impact of labeling rules before implementation |
| Information protection and DLP activities | Created DLP rule | The activity is recorded when a new Data Loss Prevention (DLP) rule is created in the system. | Creating a rule to detect and block sharing of credit card data; Defining a DLP rule for sensitive information protection |
| Information protection and DLP activities | Updated DLP rule | The activity is recorded when an existing DLP rule is modified or updated. | Updating conditions for a DLP rule; Changing the action taken when a rule is triggered |
| Information protection and DLP activities | Deleted DLP rule | The activity is recorded when a DLP rule is deleted from the system. | Removing an obsolete DLP rule; Deleting a rule that no longer applies |
| Information protection and DLP activities | Created DLP policy | The activity is recorded when a new DLP policy is created to govern data protection. | Creating a DLP policy to restrict sharing of personal data; Setting up a new policy for content classification |
| Information protection and DLP activities | Updated DLP policy | The activity is recorded when an existing DLP policy is modified or updated. | Updating DLP policy rules to include new sensitive content types; Modifying actions to alert administrators for policy breaches |
| Information protection and DLP activities | Deleted DLP policy | The activity is recorded when a DLP policy is removed from the system. | Deleting an outdated DLP policy; Removing policies that no longer align with business requirements |
| Folder activities | Copied folder | The activity is recorded when a user or system copies a folder from one location to another within supported platforms (e.g., SharePoint Online, OneDrive for Business, Teams). | Copying a folder to a different document library; Duplicating a folder for backup; Copying a shared folder to a user's personal directory |
| Folder activities | Created folder | The activity is recorded when a user or system creates a new folder in supported platforms. | Creating a new folder in a SharePoint library; Adding a folder in OneDrive; Programmatically creating folders via API |
| Folder activities | Deleted folder | The activity is recorded when a user or system deletes a folder, moving it to the recycle bin. | Deleting an unused project folder; Removing a folder from a shared document library; Deleting a folder through an automated cleanup process |
| Folder activities | Deleted folder from recycle bin | The activity is recorded when a user or system permanently deletes a folder from the recycle bin. | Permanently removing a folder from the first-stage recycle bin; Deleting a folder to free up space; Clearing folders from the recycle bin manually |
| Folder activities | Deleted folder from second-stage recycle bin | The activity is recorded when a user or administrator permanently deletes a folder from the second-stage recycle bin. | Permanently deleting a folder in the second-stage recycle bin after retention period; Admin removing folders during a cleanup; Automated process clearing folders from the second-stage recycle bin |
| Folder activities | Modified folder | The activity is recorded when a user or system modifies a folder's properties, such as metadata or permissions. | Changing folder metadata (e.g., name, description); Updating folder permissions; Tagging a folder with additional properties |
| Folder activities | Moved folder | The activity is recorded when a user or system moves a folder from one location to another within supported platforms. | Moving a folder to a new document library; Reorganizing folder structure; Moving a folder programmatically |
| Folder activities | Recycled folder | The activity is recorded when a user or system moves a folder to the recycle bin. | Sending a folder to the recycle bin after deletion; Recycling a folder to clean up the library; Automated processes recycling old folders |
| Folder activities | Renamed folder | The activity is recorded when a user or system renames a folder. | Renaming a folder for better clarity; Correcting a typo in a folder name; Programmatically renaming folders |
| Folder activities | Restored folder | The activity is recorded when a user or system restores a folder from the recycle bin to its original or a different location. | Restoring a folder accidentally deleted; Bringing back a folder from the recycle bin to the original document library; Restoring folders using an automated script |
| List activities | Created list | The activity is recorded when a user or system creates a new list in a SharePoint site or similar platform. | Creating a new task list for project management; Setting up a custom list for tracking inventory; Generating a list using an automated process or script |
| List column activities | Created list column | The activity is recorded when a user or system adds a new column to a list to store additional data or customize the list structure. | Adding a 'Due Date' column to a task list; Creating a 'Priority' column for tracking issues; Adding columns using an automated process or script |
| Content type activities | Created list content type | The activity is recorded when a user or system creates a new content type for a list to define custom metadata, templates, or workflows. | Creating a 'Project Document' content type with predefined columns; Setting up a 'Meeting Notes' content type for a specific list; Defining a custom content type using an automated script |
| List item activities | Created list item | The activity is recorded when a user or system adds a new item to a list in a SharePoint site or similar platform. | Adding a new task to a project task list; Submitting an entry in a custom form connected to a SharePoint list; Automatically generating a list item using a workflow or script |
| Site column activities | Created site column | The activity is recorded when a user or system creates a new site column to standardize metadata across lists and libraries in a SharePoint site. | Creating a 'Department' column for consistent metadata usage; Adding a 'Review Status' column to be used across multiple lists and libraries; Defining a site column using an automated script for site-wide deployment |
| Content type activities | Created site content type | The activity is recorded when a user or system creates a new site content type to define reusable metadata, templates, and workflows across lists and libraries in a SharePoint site. | Creating a 'Policy Document' content type for consistent metadata across libraries; Defining a 'Contract' content type with specific templates and workflows; Setting up a site content type using an automated script for broader use |
| List activities | Deleted list | The activity is recorded when a user or system deletes a list from a SharePoint site or similar platform, either intentionally or as part of a cleanup process. | Removing an outdated task list from a project site; Deleting a custom list no longer in use; Automatically deleting lists as part of a script or workflow |
| List column activities | Deleted list column | The activity is recorded when a user or system removes a column from a list to streamline data or eliminate unused fields. | Deleting an obsolete 'Priority' column from a task list; Removing a 'Notes' column that is no longer needed; Automatically deleting columns as part of a script or workflow |
| Content type activities | Deleted list content type | The activity is recorded when a user or system deletes a content type from a list to simplify its structure or remove unused configurations. | Deleting a 'Meeting Notes' content type from a specific list; Removing an unused 'Invoice' content type to streamline metadata; Automatically deleting content types using a script or workflow |
| List item activities | Deleted list item | The activity is recorded when a user or system deletes an item from a list to remove outdated, incorrect, or unnecessary data. | Deleting a completed task from a project task list; Removing an outdated entry from a custom list; Automatically deleting list items as part of a cleanup workflow or script |
| Site column activities | Deleted site column | The activity is recorded when a user or system deletes a site column to remove unused or outdated metadata fields across a SharePoint site. | Deleting an unused 'Department' column from the site column gallery; Removing a 'Review Status' column no longer required across lists and libraries; Automatically deleting site columns using a script for site cleanup |
| Content type activities | Deleted site content type | The activity is recorded when a user or system deletes a site content type to remove unused or outdated configurations from a SharePoint site. | Deleting an obsolete 'Policy Document' content type from the site; Removing a 'Contract' content type no longer in use across libraries; Automatically deleting site content types using a script or workflow |
| List item activities | Recycled list item | The activity is recorded when a user or system moves a list item to the recycle bin to temporarily remove it from view before permanent deletion. | Moving a task to the recycle bin after it is marked as completed; Recycling a list entry that is mistakenly added or outdated; Automatically recycling list items as part of a cleanup process or workflow |
| List activities | Restored list | The activity is recorded when a user or system restores a deleted list from the recycle bin back to its original or a different location in a SharePoint site. | Restoring a task list that was accidentally deleted; Bringing back a custom list from the recycle bin to its original document library; Restoring a list using an automated script or workflow |
| List item activities | Restored list item | The activity is recorded when a user or system restores a deleted list item from the recycle bin back to its original or a different list location. | Restoring a task that was accidentally deleted from a project task list; Bringing back a list item from the recycle bin to the custom list; Restoring a list item using an automated process or script |
| List activities | Updated list | The activity is recorded when a user or system makes changes to an existing list, such as modifying its structure or settings. | Updating the metadata or settings of a task list; Changing the name or description of a custom list; Modifying list settings or permissions using an automated script |
| List column activities | Updated list column | The activity is recorded when a user or system makes changes to an existing list column, such as modifying its name, type, or settings. | Changing the name or type of a 'Priority' column in a task list; Modifying the validation settings of a 'Due Date' column; Updating a list column using an automated process or script |
| Content type activities | Updated list content type | The activity is recorded when a user or system makes changes to an existing content type in a list, such as modifying its metadata, templates, or associated workflows. | Updating the metadata fields of a 'Contract' content type used in a document library; Changing the default document template associated with a content type; Modifying a list content type using an automated process or script |
| List item activities | Updated list item | The activity is recorded when a user or system makes changes to an existing list item, such as updating its data or status. | Updating the status of a task in a project task list; Modifying the content of an existing entry in a custom list; Changing a list item's details through an automated process or script |
| Site column activities | Updated site column | The activity is recorded when a user or system makes changes to an existing site column, such as modifying its properties, validation settings, or type. | Updating the data type of a 'Department' site column from text to choice; Modifying the default value or validation settings of a site column; Changing a site column's settings using an automated process or script |
| Content type activities | Updated site content type | The activity is recorded when a user or system makes changes to an existing site content type, such as modifying its metadata, templates, or associated workflows. | Updating the metadata fields of a 'Document' site content type; Changing the template associated with a content type for site-wide use; Modifying a site content type using an automated process or script |
| Permission activities | Added permission level to site collection | The activity is recorded when a user or system adds a new permission level to a site collection to control access and security settings for users or groups. | Adding a 'Contributor' permission level to a site collection for specific users; Creating a custom permission level for site collection access; Adding permission levels using an automated script for site security management |
| Access request activities | Accepted access request | The activity is recorded when a user or administrator accepts an access request, granting a user or group permission to access a specific site, list, or document. | Accepting an access request for a document library to grant a user permission; Granting site access after reviewing an access request; Automatically accepting access requests via a script or workflow |
| Sharing activities | Accepted sharing invitation | The activity is recorded when a user accepts a sharing invitation, granting them access to a shared document, folder, or site in SharePoint or OneDrive. | Accepting an invitation to view or edit a shared document; Granting a user access to a shared folder after they accept the invitation; Automatically accepting sharing invitations as part of an access management process |
| Sharing activities | Blocked sharing invitation | The activity is recorded when a user or administrator blocks a sharing invitation, preventing a user from gaining access to a shared document, folder, or site in SharePoint or OneDrive. | Blocking a sharing invitation to restrict access to a confidential document; Preventing a user from accessing a shared folder by blocking the invitation; Automatically blocking sharing invitations through a security policy or script |
| Access request activities | Created access request | The activity is recorded when a user creates an access request to gain permission to a specific site, list, or document in SharePoint or OneDrive. | Submitting an access request to gain access to a restricted document library; Requesting permission to view a private folder or site; Automatically generating access requests through a workflow or script |
| Sharing activities | Created a company shareable link | The activity is recorded when a user creates a shareable link to a document, folder, or site within the company, allowing others within the organization to access the content. | Creating a link to share a document with internal users only; Generating a company-wide shareable link to a team folder; Automatically creating shareable links as part of a document management process |
| Sharing activities | Created an anonymous link | The activity is recorded when a user creates a shareable link that allows access to a document, folder, or site without requiring authentication, making it accessible to anyone with the link. | Creating an anonymous link to share a document publicly; Generating an anonymous link to distribute a report to external partners; Automatically generating anonymous links for marketing materials or public content |
| Sharing activities | Created secure link | The activity is recorded when a user creates a secure shareable link, allowing access to a document, folder, or site with restricted permissions, ensuring that only authorized users can access the content. | Creating a secure link with password protection for a sensitive document; Generating a secure link with an expiration date for a private folder; Automatically creating secure links for confidential files within the organization |
| Sharing activities | Deleted secure link | The activity is recorded when a user deletes a previously created secure link, revoking access to a document, folder, or site with restricted permissions. | Deleting a secure link to a confidential document after it is no longer needed; Removing a secure link with an expiration date to prevent further access; Automatically deleting secure links as part of a document cleanup process |
| Sharing activities | Created sharing invitation | The activity is recorded when a user creates a sharing invitation to grant access to a document, folder, or site, allowing others to collaborate or view the content. | Creating a sharing invitation to invite a user to collaborate on a document; Sending a sharing invitation to grant access to a folder; Automatically generating sharing invitations as part of a team collaboration process |
| Access request activities | Denied access request | The activity is recorded when a user or administrator denies an access request, preventing a user or group from gaining permission to access a specific site, list, or document. | Denying an access request for a restricted document library; Refusing access to a site after reviewing an access request; Automatically denying access requests based on security policies |
| Sharing activities | Removed a company shareable link | The activity is recorded when a user removes a company shareable link, revoking access to a document, folder, or site shared within the organization. | Removing a company shareable link to restrict access to an internal document; Revoking a shared folder link to prevent further distribution within the organization; Automatically removing company shareable links as part of a content cleanup process |
| Sharing activities | Removed an anonymous link | The activity is recorded when a user removes an anonymous link, revoking public access to a document, folder, or site that was previously shared without authentication. | Removing an anonymous link to prevent public access to a document; Revoking an anonymous link to ensure that a folder is no longer accessible by anyone with the link; Automatically deleting an anonymous link after a content review or policy change |
| Sharing activities | Shared file, folder, or site | The activity is recorded when a user shares a file, folder, or site with another user or group, granting them access to view, edit, or collaborate on the content. | Sharing a document with a colleague for collaboration; Granting access to a folder for a specific team; Sharing a site with external partners to provide them with restricted access |
| Sharing activities | Unshared file, folder, or site | The activity is recorded when a user removes the sharing permissions from a file, folder, or site, revoking access for the users or groups who were previously granted permission. | Unsharing a document to prevent further collaboration with a specific user; Revoking access to a folder for a team that no longer needs access; Removing sharing permissions from a site to restrict access to external users |
| Access request activities | Updated access request | The activity is recorded when a user or administrator updates an existing access request, modifying the requested permissions or the users/groups seeking access to a site, list, or document. | Updating an access request to change the permissions for a requested user; Modifying an access request to include additional users or resources; Automatically updating access requests based on workflow or security rules |
| Sharing activities | Updated an anonymous link | The activity is recorded when a user updates an existing anonymous link, modifying its settings such as expiration date, permissions, or access restrictions for a document, folder, or site shared publicly. | Updating an anonymous link to extend the expiration date for continued public access; Modifying an anonymous link to restrict viewing permissions for a document; Changing the access settings of an anonymous link to allow or prevent editing |
| Sharing activities | Updated sharing invitation | The activity is recorded when a user updates an existing sharing invitation, modifying the recipient's permissions or the access settings for a document, folder, or site being shared. | Updating a sharing invitation to change the permissions from view-only to edit; Modifying a sharing invitation to add additional recipients for a document; Changing the expiration or access settings of a previously sent sharing invitation |
| Sharing activities | Used a company shareable link | The activity is recorded when a user accesses a document, folder, or site using a company shareable link, which grants access to content within the organization. | Accessing a document through a company shareable link for internal collaboration; Using a company shareable link to view a shared folder within the organization; Opening a site from a company shareable link provided by a colleague |
| Sharing activities | Used an anonymous link | The activity is recorded when a user accesses a document, folder, or site using an anonymous link, which grants public access to the content without requiring authentication. | Accessing a document shared publicly via an anonymous link; Opening a folder through an anonymous link distributed externally; Viewing a site or report via an anonymous link shared on a public platform |
| Sharing activities | Used secure link | The activity is recorded when a user accesses a document, folder, or site using a secure link, which provides access with restricted permissions, such as password protection or limited access duration. | Accessing a document using a secure link with a password; Opening a folder shared via a secure link with an expiration date; Using a secure link to view a confidential file with limited permissions |
| Sharing activities | User added to secure link | The activity is recorded when a user is granted access to a document, folder, or site via a secure link, allowing them to view or edit the content based on specified permissions. | Adding a user to a secure link for accessing a document with restricted permissions; Granting access to a folder via a secure link with limited viewing or editing rights; Including a new user in the list of authorized individuals for a secure link |
| Sharing activities | User removed from secure link | The activity is recorded when a user is removed from a secure link, revoking their access to a document, folder, or site that was previously shared with restricted permissions. | Removing a user from a secure link to prevent further access to a document; Revoking a user's access to a folder shared via a secure link with restricted permissions; Automatically removing a user from the authorized list for a secure link after they no longer need access |
| Sharing activities | Withdrew sharing invitation | The activity is recorded when a user cancels or withdraws a sharing invitation, preventing the recipient from gaining access to a document, folder, or site. | Withdrawing a sharing invitation before the recipient accepts the access request; Cancelling a sharing invitation for a document that is no longer needed to be shared; Revoking a sharing invitation to restrict access to a folder before it is accessed |
Microsoft Purview is a game-changing solution for modern data governance, offering a unified approach to managing, protecting, and maximizing the value of your data. Whether you're looking to understand its fundamentals, explore its powerful features, or learn how it simplifies administrative workflows, Purview equips organizations with the tools needed to thrive in a data-driven world. Take control of your data with confidence, streamline compliance, and unlock new opportunities for growth.