 Role Availability
|
 Read-Only
|
Analyst
|
 Manager
|
AlienVault USM Anywhere enables you to create and manage your own investigation.
To create a new investigation
- Go to Investigations.
- In the upper right area of the page, click New Investigation to open a new window.
- Enter the information in each field.
- Click Save.
| Field | Meaning |
|---|---|
| Title | Name identifying the investigation. |
| Intent | Classify your investigation. It can be Delivery & Attack, Environmental Awareness, Exploitation & Installation, Reconnaissance & Probing, and System Compromise. See Intent for more information. |
| Severity |
Severity of the investigation. Values are Low, Medium, High, and Critical. |
| Status | Status applied to the investigation. By default, it is Open and can not be changed. You can change it later to In Review or Closed. To learn more about changing the default Status setting. See Viewing Investigations Details for more information. |
| Description | (Optional.) Enter an investigation description. |
Note: USM Anywhere automatically assigns every new investigation to the user who creates the investigation. To modify the assigned user. See Editing Investigations to modify the assigned user.