AlienVault USM Anywhere enables you to create and manage your own investigation.

To create a new investigation

1. Go to Investigations.
2. In the upper right area of the page, click New Investigation to open a new window.

   

3. Enter the information in each field.

Fields in the New Investigation Dialog box

Field	Meaning
Title	Name identifying the investigation.
Intent	Classify your investigation as Delivery & Attack, Environmental Awareness, Exploitation & Installation, Reconnaissance & Probing, or System Compromise. See Intent for more information.
Severity	Severity of the investigation. Values are Low, Medium, High, and Critical.
Status	The status applied to the investigation. By default, it is Open and can not be changed. You can change it later to In Review or Closed. See Viewing Investigations Details to learn more about changing the default Status setting.
Description	(Optional.) Enter an investigation description.

4. Click Save.

Note: USM Anywhere automatically assigns every new investigation to the user who creates the investigation. See Editing Investigations to learn how to modify the assigned user.