AlienVault USM Anywhere enables you to create and manage your own investigation.

To create a new investigation

1. Go to Investigations.
2. In the upper right area of the page, click New Investigation to open a new window.

   

3. Enter the information in each field.

Fields in the New Investigation dialog box

Field	Meaning
Title	Name identifying the investigation.
Intent	Classify your investigation. It can be Delivery & Attack, Environmental Awareness, Exploitation & Installation, Reconnaissance & Probing, and System Compromise. See Intent for more information.
Severity	Severity of the investigation. Values are Low, Medium, High, and Critical.
Status	Status applied to the investigation. By default, it is Open and can not be changed. You can change it later to In Review or Closed. To learn more about changing the default Status setting. See Viewing Investigations Details for more information.
Description	(Optional.) Enter an investigation description.

4. Click Save.

Note: USM Anywhere automatically assigns every new investigation to the user who creates the investigation. To modify the assigned user. See Editing Investigations to modify the assigned user.