Querying Office Graph in SharePoint Online using GQL

Microsoft started rolling out Delve was rolled out to Office 365 customers couple of weeks back. Delve is a new way to find relevant document, people and conversations around them instead of searching for them. Office graph is the technology that powers delve and developers can make use of Office Graph to build custom applications that extend Office 365.

Office Graph has information about people, documents and the relationship and interactions between them. In Office graph terms users who perform activities on documents are actors and the activity they perform is an action. The relationships and interactions are represented as edges and an activity performed by an actor will generate an edge.

Developers can query the Office Graph in SharePoint online through search REST API by passing GraphQuery property to search API. The Graph Query Language (GQL) has the syntax of
GraphQuery:actor(<ActorID>,[filter])

Where ActorID is the ID of the actor for which you want to retrieve activities and documents and filter is an optional argument of action types to filter the results based on activities performed. For example to query all modifications done by an actor with ActorID of 1009 the GQL would be

https://<SharePoint Online site>/_api/search/query/?QueryText=’*’&Properties=’GraphQuery:actor(1009\,action\:1003)’

https://slmfeo13052.sharepoint.com/_ api/search/query/?QueryText=’*’&Properties=’GraphQuery:actor(ME, action\:1003)’

Where 1003 is the action ID that represents modify action. Full list of action types can be seen from here. 

Results returned from GQL are similar to the results from SharePoint Search REST API except that and additional property called Edges will be included in the details.   Edges property will have details of action, date and ranking model weight. Following is an example of Edges property returned from a GQL Search REST API call
 <d:element m:type="SP.KeyValue">
<d:Key>Edges</d:Key>
<d:Value>[{"ActorId":29355180,"ObjectId":28029928,"Properties":{"Action":1001,"Blob":[],"BlobContent":"","ObjectSource":1,"Time":"2014-09-12T09:47:17.0000000Z","Weight":1}}]</d:Value>
<d:ValueType>Edm.String</d:ValueType>
</d:element>

Using GQL and the Edges property interesting application can be developed as shown by Richard’s MSDN blog .

Data Loss Prevention(DLP) in Office 365 SharePoint Online

Office 365 has been providing Data Loss Prevention (DLP) support in Exchange Online for some time. DLP has now been extended to SharePoint online and provides a way to identify sensitive data like credit card number, IP address, SSN etc. stored in OneDrive documents and SharePoint Online sites.

Below are the steps for setting up DLP in SharePoint Online

Step 1. Create an eDiscovery Center

As DLP in SharePoint online is built into the eDiscovery Center we first need to setup an eDiscovery Center site. See Set up an eDiscovery Center in SharePoint Online to create an eDiscovery site.

Step 2. Create an eDiscovery Case

In order to create queries and search for sensitive information an eDiscovery Case should be created.

1.  Navigate to the eDiscovery Center site and click on Create new case button.

2.  On the new site creation page enter values for Title, Description and Web Site Address

3. Select the site template as eDiscovery Case.

4. Choose your preferred options for permissions and navigation and click Create button.

Step 3. Create Queries for Sensitive Information

1.  Navigate to the case site and click on new item link under Search and Export section

 

2.  On the new Query creation page

a) Give Name for the Query

b) Enter a query for sensitive information you want to search in SharePoint Online. You can leverage the 51 built in sensitive information types for forming the query. The format for the query is

SensitiveType:”< type>|<count range>|<confidence range>”

"<type>” is required, and both <count range> and <confidence range> are optional.  For example to search for documents that contain 10 or more IP Address you would use a query

SensitiveType=”IP Address|10..”

 

c) Optionally you can specify the start date and end date and author names to filter the search

d) To add a source for the search query click on Modify Query Scope and from the popup click add location and enter the URL of SharePoint site in which you want to search for sensitive information and click Ok to save the scope.

e) Click the Save button to save the query.

Step 4. Search for Sensitive Information

1.  After you have saved the query click on Search button to search for sensitive information.

2. Documents and pages in SharePoint Online site matching the sensitive information query will be displayed in the SharePoint tab in the results section.

3. Click Export button to export the search results to spread sheet.