Merge branch 'main' into provision-content-center-working

Author: chuckedmonson

.openpublishing.redirection.json

@@ -6687,6 +6687,11 @@
       "source_path": "microsoft-365/campaigns/share-files-and-videos.md",
       "redirect_url": "/microsoft-365/business-premium/share-files-and-videos",
       "redirect_document_id": true
+    },
+    {
+      "source_path": "microsoft-365/compliance/what-the-dlp-functions-look-for.md",
+      "redirect_url": "/microsoft-365/compliance/sit-functions",
+      "redirect_document_id": false
     }
   ]
 }

microsoft-365/compliance/TOC.yml

@@ -322,7 +322,7 @@
             href: named-entities-learn.md
         - name: Get started with sensitive information type
           items:
-          - name: Get started with custom sensitive information types - Compliance Center
+          - name: Create a custom sensitive information types - Compliance Center
             href: create-a-custom-sensitive-information-type.md
           - name: Get started with exact data match based sensitive information types
             href: sit-get-started-exact-data-match-based-sits-overview.md
@@ -344,6 +344,10 @@
             href: sit-modify-edm-schema-configurable-match.md
           - name: Create notifications for exact data match activities (preview)
             href: sit-edm-notifications-activities.md
+          - name: Manage custom sensitive information types in compliance center
+            href: sit-manage-custom-sits-compliance-center.md
+          - name: Sensitive information types REGEX validators and additional checks
+            href: sit-regex-validators-additional-checks.md
           - name: Create a custom sensitive information type - PowerShell
             href: create-a-custom-sensitive-information-type-in-scc-powershell.md
           - name: Remove a custom sensitive information type - PowerShell
@@ -366,8 +370,8 @@
           items:
           - name: Sensitive information type entity definitions 
             href: sensitive-information-type-entity-definitions.md
-          - name: What the DLP functions look for
-            href: what-the-dlp-functions-look-for.md
+          - name: Sensitive information type functions
+            href: sit-functions.md
           - name: Custom sensitive information type filters reference
             href: sit-custom-sit-filters.md
     - name: Trainable classifiers

microsoft-365/compliance/create-a-custom-sensitive-information-type-in-scc-powershell.md

@@ -6,7 +6,7 @@ ms.author: chrfox
 author: chrfox
 manager: laurawi
 audience: Admin
-ms.article: article
+ms.topic: article
 ms.service: O365-seccomp
 ms.localizationpriority: medium
 ms.collection:
@@ -230,7 +230,7 @@ Sensitive information types can also use built-in functions to identify corrobor
 
 For example, an employee ID badge has a hire date on it, so this custom entity can use the built-in `Func_us_date` function   to identify a date in the format that's commonly used in the US.
 
-For more information, see [What the DLP functions look for](what-the-dlp-functions-look-for.md).
+For more information, see [Sensitive information type functions](sit-functions.md).
 
 ![XML markup showing Match element referencing built-in function.](../media/dac6eae3-9c52-4537-b984-f9f127cc9c33.png)
 
@@ -320,7 +320,7 @@ In addition to confidenceLevel for each Pattern, the Entity has a recommendedCon
 
 ## Do you want to support other languages in the UI of the Compliance center? [LocalizedStrings element]
 
-If your compliance team uses the Microsoft 365 Compliance center to create polices policies in different locales and in different languages, you can provide localized versions of the name and description of your custom sensitive information type. When your compliance team uses Microsoft 365 in a language that you support, they'll see the localized name in the UI.
+If your compliance team uses the Microsoft 365 Compliance center to create policies in different locales and in different languages, you can provide localized versions of the name and description of your custom sensitive information type. When your compliance team uses Microsoft 365 in a language that you support, they'll see the localized name in the UI.
 
 ![Instance count and match accuracy configuration.](../media/11d0b51e-7c3f-4cc6-96d8-b29bcdae1aeb.png)
 
@@ -907,4 +907,4 @@ You can copy this markup, save it as an XSD file, and use it to validate your ru
 
 - [Learn about data loss prevention](dlp-learn-about-dlp.md)
 - [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md)
-- [What the DLP functions look for](what-the-dlp-functions-look-for.md)
+- [Sensitive information type functions](sit-functions.md)

microsoft-365/compliance/create-a-custom-sensitive-information-type.md

@@ -1,5 +1,5 @@
 ---
-title: "Get started with custom sensitive information types"
+title: "Create a custom sensitive information types"
 f1.keywords:
 - NOCSH
 ms.author: chrfox
@@ -15,10 +15,10 @@ ms.collection:
 search.appverid: 
 - MOE150
 - MET150
-description: "Learn how to create, modify, remove, and test custom sensitive information types for DLP in the Security & Compliance Center."
+description: "Learn how to create, modify, remove, and test custom sensitive information types in the Compliance Center."
 ms.custom: seo-marvel-apr2020
 ---
-# Get started with custom sensitive information types
+# Create custom sensitive information types in the Compliance center
 
 If the pre-configured sensitive information types don't meet your needs, you can create your own custom sensitive information types that you fully define or you can copy one of the pre-configured ones and modify it.
 
@@ -36,7 +36,7 @@ There are two ways to create a new sensitive information type:
     - [regular expressions](https://www.boost.org/doc/libs/1_68_0/libs/regex/doc/html/) - Microsoft 365 sensitive information types uses the Boost.RegEx 5.1.3 engine
     - keyword lists - you can create your own as you define your sensitive information type or choose from existing keyword lists
     - [keyword dictionary](create-a-keyword-dictionary.md)
-    - [functions](what-the-dlp-functions-look-for.md)
+    - [Sensitive information type functions](sit-functions.md)
     - [confidence levels](sensitive-information-type-learn-about.md#more-on-confidence-levels)
 
 - You must have Global admin or Compliance admin permissions to create, test, and deploy a custom sensitive information type through the UI. See [About admin roles](/office365/admin/add-users/about-admin-roles) in Office 365.
@@ -59,13 +59,13 @@ Use this procedure to create a new sensitive information type that you fully def
 
 4. Choose the default confidence level for the pattern. The values are **Low confidence**, **Medium confidence**, and **High confidence**.
 
-5. Choose and define **Primary element**. The primary element can be a **Regular expression** with an optional validator, a **Keyword list**, a **Keyword dictionary**, or one of the pre-configured **Functions**. For more information on DLP functions, see [What the DLP functions look for](what-the-dlp-functions-look-for.md). For more information on the date and the checksum validators, see [More information on regular expression validators](#more-information-on-regular-expression-validators).
+5. Choose and define **Primary element**. The primary element can be a **Regular expression** with an optional validator, a **Keyword list**, a **Keyword dictionary**, or one of the pre-configured **Functions**. For more information on DLP functions, see [Sensitive information type functions](sit-functions.md). For more information on the date and the checksum validators, see [Sensitive Information Type regular expression validators](sit-regex-validators-additional-checks.md#sensitive-information-type-regular-expression-validators).
 
 6. Fill in a value for **Character proximity**.
 
 7. (Optional) Add supporting elements if you have any. Supporting elements can be a regular expression with an optional validator, a keyword list, a keyword dictionary or one of the pre-defined functions. Supporting elements can have their own **Character proximity** configuration. 
 
-8. (Optional) Add any [**additional checks**](#more-information-on-additional-checks) from the list of available checks.
+8. (Optional) Add any [**additional checks**](sit-regex-validators-additional-checks.md#sensitive-information-type-additional-checks) from the list of available checks.
 
 9. Choose **Create**.
 
@@ -84,6 +84,22 @@ Use this procedure to create a new sensitive information type that you fully def
 
 Use this procedure to create a new sensitive information type that is based on an existing sensitive information type. 
 
+> [!NOTE]
+> These SITs can't be copied:
+> - Canada driver's license number
+> - EU driver's license number
+> - EU national identification number
+> - EU passport number
+> - EU social security number or equivalent identification
+> - EU tax identification number
+> - International classification of diseases (ICD-10-CM)
+> - International classification of diseases (ICD-9-CM)
+> - U.S. driver's license number
+
+You can also create custom sensitive information types by using PowerShell and Exact Data Match capabilities. To learn more about those methods, see:
+- [Create a custom sensitive information type in Security & Compliance Center PowerShell](create-a-custom-sensitive-information-type-in-scc-powershell.md)
+- [Learn about exact data match based sensitive information types](sit-learn-about-exact-data-match-based-sits.md#learn-about-exact-data-match-based-sensitive-information-types)
+
 1. In the Compliance Center, go to **Data classification** \> **Sensitive info types** and choose the sensitive information type that you want to copy.
 
 2. In the flyout, choose **Copy**.
@@ -98,11 +114,11 @@ Use this procedure to create a new sensitive information type that is based on a
 
 7. You can choose to edit or remove the existing patterns and add new ones. Choose the default confidence level for the new pattern. The values are **Low confidence**, **Medium confidence**, and **High confidence**.
 
-8. Choose and define **Primary element**. The primary element can be a **Regular expression**, a **Keyword list**, a **Keyword dictionary**, or one of the pre-configured **Functions**. See, [What the DLP functions look for](what-the-dlp-functions-look-for.md).
+8. Choose and define **Primary element**. The primary element can be a **Regular expression**, a **Keyword list**, a **Keyword dictionary**, or one of the pre-configured **Functions**. See, [Sensitive information type functions](sit-functions.md).
 
 9. Fill in a value for **Character proximity**.
 
-10. (Optional) If you have **Supporting elements** or any [**Additional checks**](#more-information-on-additional-checks) add them. If needed you can group your **Supporting elements**.
+10. (Optional) If you have **Supporting elements** or any [**additional checks**](sit-regex-validators-additional-checks.md#sensitive-information-type-additional-checks) add them. If needed you can group your **Supporting elements**.
 
 11. Choose **Create**.
 
@@ -163,111 +179,6 @@ For a scanned item to satisfy rule criteria, the number of unique instances of a
 
 For example, if you want the rule to trigger a match when at least 500 unique instances of a SIT are found in a single item, set the **min** value to `500` and the **max** value to `Any`.
 
-## Modify custom sensitive information types in the Compliance Center
-
-1. In the Compliance Center, go to **Data classification** \> **Sensitive info types** and choose the sensitive information type from the list that you want to modify choose **Edit**.
-
-2. You can add other patterns, with unique primary and supporting elements, confidence levels, character proximity, and [**additional checks**](#more-information-on-additional-checks) or edit/remove the existing ones.
-
-## Remove custom sensitive information types in the Compliance Center 
-
-> [!NOTE]
-> You can only remove custom sensitive information types; you can't remove built-in sensitive information types.
-
-> [!IMPORTANT]
-> Before your remove a custom sensitive information type, verify that no DLP policies or Exchange mail flow rules (also known as transport rules) still reference the sensitive information type.
-
-1. In the Compliance Center, go to **Data classification** \> **Sensitive info types** and choose the sensitive information type from the list that you want to remove.
-
-2. In the fly-out that opens, choose **Delete**.
-
-> [!NOTE]
-> These SITs can't be copied:
-> - Canada driver's license number
-> - EU driver's license number
-> - EU national identification number
-> - EU passport number
-> - EU social security number or equivalent identification
-> - EU tax identification number
-> - International classification of diseases (ICD-10-CM)
-> - International classification of diseases (ICD-9-CM)
-> - U.S. driver's license number
-
-You can also create custom sensitive information types by using PowerShell and Exact Data Match capabilities. To learn more about those methods, see:
-- [Create a custom sensitive information type in Security & Compliance Center PowerShell](create-a-custom-sensitive-information-type-in-scc-powershell.md)
-- [Learn about exact data match based sensitive information types](sit-learn-about-exact-data-match-based-sits.md#learn-about-exact-data-match-based-sensitive-information-types)
-
-## More information on regular expression validators
-
-### Checksum validator
-
-If you need to run a checksum on a digit in a regular expression, you can use the *checksum validator*. For example, say you need to create a SIT for an eight digit license number where the last digit is a checksum digit that is validated using a mod 9 calculation. You've set up the checksum algorithm like this:
-
-```console
-Sum = digit 1 * Weight 1 + digit 2 * weight 2 + digit 3 * weight 3 + digit 4 * weight 4 + digit 5 * weight 5 + digit 6 * weight 6 + digit 7 * weight 7 + digit 8 * weight 8
-Mod value = Sum % 9
-If Mod value == digit 8
-    Account number is valid
-If Mod value != digit 8
-    Account number is invalid
-```
-
-1. Define the primary element with this regular expression:
-
-   ```console
-   \d{8}
-   ```
-
-2. Then add the checksum validator.
-
-3. Add the weight values separated by commas, the position of the check digit and the Mod value. For more information on the Modulo operation, see [Modulo operation](https://en.wikipedia.org/wiki/Modulo_operation).
-
-   > [!NOTE]
-   > If the check digit is not part of the checksum calculation then use 0 as the weight for the check digit. For example, in the above case weight 8 will be equal to 0 if the check digit is not to be used for calculating the check digit.  Modulo_operation).
-
-   :::image type="content" alt-text="screenshot of configured checksum validator." source="../media/checksum-validator.png" lightbox="../media/checksum-validator.png":::
-
-### Date validator
-
-If a date value that is embedded in regular expression is part of a new pattern you are creating, you can use the *date validator* to test that it meets your criteria. For example, say you want to create a SIT for a nine digit employee identification number. The first six digits are the date of hire in DDMMYY format and the last three are randomly generated numbers. To validate that the first six digits are in the correct format.
-
-1. Define the primary element with this regular expression:
-
-   ```console
-   \d{9}
-   ```
-
-2. Then add the date validator.
-
-3. Select the date format and the start offset. Since the date string is the first six digits, the offset is `0`.
-
-   :::image type="content" alt-text="screenshot of configured date validator." source="../media/date-validator.png" lightbox="../media/date-validator.png":::
-
-### Functional processors as validators
-
-You can use function processors for some of the most commonly used SITs as validators. This allows you to define your own regular expression while ensuring they pass the additional checks required by the SIT. For example, Func_India_Aadhar will ensure that the custom regular expression defined by you passes the validation logic required for Indian Aadhar card. For more information on DLP functions that can be used as validators, see [What the DLP functions look for](what-the-dlp-functions-look-for.md#what-the-dlp-functions-look-for). 
-
-### Luhn check validator
-
-You can use the Luhn check validator if you have a custom Sensitive information type that includes a regular expression which should pass the [Luhn algorithm](https://en.wikipedia.org/wiki/Luhn_algorithm).
-
-## More information on additional checks
-
-Here are the definitions and some examples for the available additional checks.
-
-**Exclude specific matches**: This check lets you define keywords to exclude when detecting matches for the pattern you are editing. For example, you might exclude test credit card numbers like '4111111111111111' so that they're not matched as a valid number.
-
-**Starts or doesn't start with characters**: This check lets you define the characters that the matched items must or must not start with. For example, if you want the pattern to detect only credit card numbers that start with 41, 42, or 43, select **Starts with** and add 41, 42, and 43 to the list, separated by commas. 
-
-**Ends or doesn't end with characters**: This check lets you define the characters that the matched items must or must not end with. For example, if your Employee ID number cannot end with 0 or 1, select **Doesn't end with** and add 0 and 1 to the list, separated by commas.
-
-**Exclude duplicate characters**: This check lets you ignore matches in which all the digits are the same. For example, if the six digit employee ID number cannot have all the digits be the same, you can select **Exclude duplicate characters** to exclude 111111, 222222, 333333, 444444, 555555, 666666, 777777, 888888, 999999, and 000000 from the list of valid matches for the employee ID.
-
-**Include or exclude prefixes**: This check lets you define the keywords that must or must not be found immediately before the matching entity. Depending on your selection, entities will be matched or not matched if they're preceded by the prefixes you include here. For example, if you **Exclude** the prefix **GUID:**, any entity that's preceded by **GUID:** won't be considered a match.
-
-**Include or exclude suffixes** This check lets you define the keywords that must or must not be found immediately after the matching entity. Depending on your selection, entities will be matched or not matched if they're followed by the suffixes you include here. For example, if you **Exclude** the suffix **:GUID**, any text that's followed by **:GUID** won't be matched.
-
-
 > [!NOTE]
 > Microsoft 365 Information Protection supports double byte character set languages for:
 > - Chinese (simplified)

microsoft-365/compliance/data-loss-prevention-policies.md

@@ -589,6 +589,6 @@ However, DLP reports need pull data from across Microsoft 365, including Exchang
 
 - [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md)
 
-- [What the DLP functions look for](what-the-dlp-functions-look-for.md)
+- [Sensitive information type functions](sit-functions.md)
 
 - [Create a custom sensitive information type](create-a-custom-sensitive-information-type.md)