diff --git a/clusters/o365-exchange-techniques.json b/clusters/o365-exchange-techniques.json
index 782dd9f..1fc14b6 100644
--- a/clusters/o365-exchange-techniques.json
+++ b/clusters/o365-exchange-techniques.json
@@ -217,7 +217,7 @@
           "tactics:Persistence"
         ]
       },
-      "uuid": "80308e39-11e9-45b2-b6d2-f13f3de509ab",
+      "uuid": "2f10dbd7-89e4-4929-8bdc-8ca167f08ace",
       "value": "O365 - Delegate Tenant Admin"
     },
     {
@@ -264,7 +264,8 @@
       "description": "O365 - Search for Content with eDiscovery",
       "meta": {
         "kill_chain": [
-          "tactics:Expansion"
+          "tactics:Expansion",
+          "tactics:Actions on Intent"
         ]
       },
       "uuid": "fe65c7ed-7129-4591-a82e-a223b0cdbf14",
@@ -340,16 +341,6 @@
       "uuid": "ae6eb93b-503f-49b5-98db-3f282551facb",
       "value": "O365 - MailSniper: Search Mailbox for content"
     },
-    {
-      "description": "O365 - Search for Content with eDiscovery",
-      "meta": {
-        "kill_chain": [
-          "tactics:Actions on Intent"
-        ]
-      },
-      "uuid": "8ac66795-5e59-4993-973b-b6efd78fb1c8",
-      "value": "O365 - Search for Content with eDiscovery"
-    },
     {
       "description": "O365 - Exfiltration email using EWS APIs with PowerShell",
       "meta": {
@@ -371,5 +362,5 @@
       "value": "O365 - Download documents and email"
     }
   ],
-  "version": 1
+  "version": 2
 }