You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
title: "Understanding Microsoft 365 case creation and diagnostic data access"
3
-
ms.author: camillepack
4
-
author: camillepack
5
-
manager: scotv
6
-
ms.date: 04/07/2025
3
+
ms.author: deniseb
4
+
author: denisebmsft
5
+
manager: dansimp
6
+
ms.date: 07/08/2025
7
7
audience: Admin
8
8
ms.topic: concept-article
9
9
ms.service: microsoft-365-business
@@ -30,51 +30,14 @@ Access is removed automatically when your support request is closed. If your req
30
30
31
31
Depending on the nature of your support request, the data that Microsoft can access would belong under one or more of the following categories:
32
32
33
-
-**Support Data** – All data provided to Microsoft by the customer as part of a customer engagement to obtain support services.
34
-
- Examples
35
-
- Support requests from customers and phone conversations, online chat sessions, or remote assistance sessions between support professionals and customers
36
-
- Case notes and/or records related to support requests from customers
37
-
- Data provided to Microsoft by the customer as part of support activities
38
-
39
-
-**Account Data** – Contact and billing/purchase/payment/license information.
40
-
- Examples
41
-
- Customer’s provisioning information
42
-
- Account configuration and billing data
43
-
- Tenant administrator contact information (for example, tenant administrator’s name, address, e-mail address, phone number)
44
-
- This also includes Licensing and Purchase Information.
45
-
46
-
-**System Metadata** – Data generated in the course of running the service.
47
-
- Examples
48
-
- Event Logs
49
-
- Access Control Logs
50
-
- Account information belonging to Microsoft operations personnel
51
-
- Microsoft server names/server IPs
52
-
- Server patching and vulnerability data
53
-
- Service configuration data
54
-
- Telemetry (on-prem or cloud)
55
-
56
-
-**Organization Identifiable Information (OII)** – Data that can be used to identify a particular tenant/deployment/organization (generally config or usage data)
57
-
- Examples
58
-
- Tenant ID (non-GUID)
59
-
- TenantID (GUID) – due to the existence of many out of boundary TenantID to name mapping tables
60
-
- Tenant usage data
61
-
- Tenant IP Addresses (IPv4) such as tenant’s firewall IP address
62
-
- Global Prefix and Subnet ID (first 64 bits of IPv6 address)
63
-
- Tenant Domain name in e-mail address (joe@**contoso.com**)
64
-
- Mapping of organizational GUID to organization
65
-
66
-
-**End User Identifiable Information (EUII)** – Data that directly identifies or could be used to identify the authenticated user of a Microsoft service.
-**End User Pseudonymous Identifiers (EUPI)** – An identifier created by Microsoft tied to the user of a Microsoft service.
75
-
- Examples
76
-
- User GUIDs or PUIDs
77
-
- Session IDs
33
+
| Category | Examples |
34
+
|--|--|
35
+
|**Support data**: All data provided to Microsoft by the customer as part of a customer engagement to obtain support services | - Support requests from customers and phone conversations, online chat sessions, or remote assistance sessions between support professionals and customers<br/>- Case notes and/or records related to support requests from customers<br/>- Data provided to Microsoft by the customer as part of support activities |
36
+
|**Account data**: Contact, billing, purchase, payment, and/or license information | - Customer's provisioning information<br/>- Account configuration and billing data<br/>- Tenant administrator contact information (such as tenant administrator's name, address, e-mail address, phone number)<br/>- Licensing and purchase information |
37
+
|**System metadata**: Data generated in the course of running the service | - Event logs<br/>- Access control logs<br/>- Account information belonging to Microsoft operations personnel<br/>- Microsoft server names/server IPs<br/>- Server patching and vulnerability data<br/>- Service configuration data<br/>- Telemetry (on-premises or cloud) |
38
+
|**Organization identifiable information (OII)**: Data that can be used to identify a particular tenant, deployment, or organization (generally config or usage data) | - Tenant ID (non-GUID)<br/>- TenantID (GUID) – due to the existence of many out of boundary `TenantID` to name mapping tables<br/>- Tenant usage data<br/>- Tenant IP addresses (IPv4), such as tenant's firewall IP address<br/>- Global prefix and subnet ID (first 64 bits of IPv6 address)<br/>- Tenant domain name in e-mail address (such as `[email protected]`)<br/>- Mapping of organizational GUID to organization |
39
+
|**End-user identifiable information (EUII)**: Data that directly identifies or could be used to identify the authenticated user of a Microsoft service | - User-specific IP address (IPv4)<br/>- User principal name (`[email protected]`)<br/>- Address book data<br/>- User's machine name<br/>- SIP URI |
40
+
|**End-user pseudonymous identifiers (EUPI)**: An identifier created by Microsoft tied to the user of a Microsoft service | - User GUIDs or PUIDs<br/>- Session IDs |
78
41
79
42
## How long is diagnostic data retained in Microsoft systems?
80
43
@@ -83,3 +46,9 @@ Microsoft retains diagnostic data for up to 28 days after it is collected. After
83
46
## Where is support activity on a customer tenant logged?
84
47
85
48
Activity performed on a customer tenant is available under Microsoft Entra Audit logs.
49
+
50
+
When you create a support request and you grant advanced diagnostic consent, you see a notification that cross-tenant access settings were updated due to a partner addition. The notification occurs because the Microsoft Support tenant (`Office365ConciergeSupport.onmicrosoft.com - b4c546a4-7dac-46a6-a7dd-ed822a11efd3`) is added as a service provider for the duration of active support requests in your tenant. Expect to see audit logs in these categories:
0 commit comments