Scripts/office_365/Compliance_Search

# ==========================================
# Microsoft 365 Compliance Search Tool (MSP)
# ==========================================

# Global
$global:Connected = $false
$LogFile = "$PSScriptRoot\ComplianceTool.log"

# ================================
# Logging
# ================================
function Write-Log {
    param ($Message)
    $time = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
    $entry = "$time - $Message"
    Write-Host $entry
    Add-Content -Path $LogFile -Value $entry
}

# ================================
# Connect Compliance
# ================================
function Connect-Compliance {
    try {
        Write-Host "Connecting to Compliance Center..." -ForegroundColor Cyan
        Connect-IPPSSession
        $global:Connected = $true
        Write-Log "Connected to Compliance Center"
    } catch {
        Write-Log "Connection failed: $_"
    }
}

function Disconnect-Compliance {
    Get-PSSession | Remove-PSSession
    $global:Connected = $false
    Write-Log "Disconnected"
}

function Ensure-Connection {
    if (-not $global:Connected) {
        Write-Host "Not connected. Connecting..." -ForegroundColor Yellow
        Connect-Compliance
    }
}

# ================================
# Search Functions
# ================================

function New-ComplianceSearchMenu {
    Ensure-Connection

    $name = Read-Host "Enter Search Name"
    $mailboxes = Read-Host "Enter mailboxes (comma separated or ALL)"
    $query = Read-Host "Enter search query (leave blank for all)"

    if ($mailboxes -eq "ALL") {
        $mailboxes = "All"
    }

    try {
        New-ComplianceSearch -Name $name `
            -ExchangeLocation $mailboxes `
            -ContentMatchQuery $query

        Write-Log "Search created: $name"
    } catch {
        Write-Log "Error creating search: $_"
    }
}

function Start-ComplianceSearchMenu {
    Ensure-Connection
    $name = Read-Host "Enter Search Name"

    try {
        Start-ComplianceSearch -Identity $name
        Write-Log "Search started: $name"
    } catch {
        Write-Log "Error: $_"
    }
}

function Get-ComplianceSearchList {
    Ensure-Connection
    Get-ComplianceSearch | Select Name, Status, Items, Size | Format-Table
}

function Get-ComplianceSearchStatus {
    Ensure-Connection
    $name = Read-Host "Enter Search Name"
    Get-ComplianceSearch -Identity $name | Format-List
}

function Remove-ComplianceSearchMenu {
    Ensure-Connection
    $name = Read-Host "Enter Search Name"

    try {
        Remove-ComplianceSearch -Identity $name -Confirm:$false
        Write-Log "Deleted search: $name"
    } catch {
        Write-Log "Error deleting search: $_"
    }
}

# ================================
# Export (PST Preparation)
# ================================
function Export-ComplianceSearchMenu {
    Ensure-Connection
    $name = Read-Host "Enter Search Name"

    try {
        New-ComplianceSearchAction -SearchName $name -Export
        Write-Log "Export job created for: $name"
        Write-Host "Now go to Purview portal to download PST." -ForegroundColor Yellow
    } catch {
        Write-Log "Export failed: $_"
    }
}

# ================================
# Helper Queries (Templates)
# ================================
function Show-QueryExamples {
    Write-Host "`n--- Query Examples ---"
    Write-Host "1. All emails: (leave blank)"
    Write-Host '2. From specific user: from:"user@domain.com"'
    Write-Host '3. Keyword search: "invoice"'
    Write-Host '4. Date range: received>=2024-01-01 AND received<=2024-12-31'
    Write-Host '5. Attachments only: hasattachment:true'
}

# ================================
# Menu
# ================================
function Show-MainMenu {
    Clear-Host
    Write-Host "========================================" -ForegroundColor Cyan
    Write-Host " Compliance Search Tool (MSP Edition)"
    Write-Host "========================================"
    Write-Host "1. Connect"
    Write-Host "2. Create Search"
    Write-Host "3. Start Search"
    Write-Host "4. List Searches"
    Write-Host "5. Check Search Status"
    Write-Host "6. Export Search (PST Prep)"
    Write-Host "7. Delete Search"
    Write-Host "8. Query Examples"
    Write-Host "9. Disconnect"
    Write-Host "0. Exit"
}

# ================================
# Main Loop
# ================================
do {
    Show-MainMenu
    $choice = Read-Host "Select option"

    switch ($choice) {

        1 { Connect-Compliance }

        2 { New-ComplianceSearchMenu }

        3 { Start-ComplianceSearchMenu }

        4 { Get-ComplianceSearchList }

        5 { Get-ComplianceSearchStatus }

        6 { Export-ComplianceSearchMenu }

        7 { Remove-ComplianceSearchMenu }

        8 { Show-QueryExamples }

        9 { Disconnect-Compliance }

    }

    Pause

} while ($choice -ne 0)

Write-Host "Exiting..." -ForegroundColor Yellow