.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
Investigate DialogInvestigate Dialog
In the Investigate dialog, analysts can select a service or a collection to investigate. The dialog is automatically displayed when you first go to the Navigate view or Legacy Events view and have not selected a default service to investigate. To access the dialog from a current investigation, select the current service name in the toolbar.
WorkflowWorkflow
What do you want to do?What do you want to do?
*You can perform this task in the current view.
Related TopicsRelated Topics
Quick LookQuick Look
The Investigate dialog has two tabs: Services and Collections.
Note: Collections are also known as workbench collections. You can only view workbench collections that you have created, and only administrators can create a workbench collection.
The Services tab includes a list of services available for investigation, and three buttons. All features are described in the following table.
The Collections tab has two buttons and two panels: Workbench and Collections.
The Workbench panel lists available Workbench services by name. After a Workbench service is selected, you can select a collection from the Collections panel.
The Collections panel lists available collections to investigate. After a collection is selected, you can click Navigate to view the collection.
The following table describes the features of the Collections panel.