View and Manage Existing Investigations
The investigation management screen allows you to view all investigations to which you have access, track their progress, as well as search for historic investigations to learn from previous findings.
View investigations
To access all investigations you have created or been invited to, click the detective hat icon in the upper-right corner of the Coralogix toolbar and select View investigations. This opens a popup modal displaying details of the most recent investigation you accessed, without navigating away from your current location in the platform. To switch to another investigation, use the retractable left-hand column to browse the list or search by free text or ID.
You can add objects or comments directly to the open investigation in the Activity tab.
Manage investigations
To view and manage all investigations you have created or been invited to, click the detective hat icon in the upper-right corner of the Coralogix toolbar and select Manage Investigations. This action redirects you to the investigations management screen, where you can access all investigations available to you, track their progress, and search for historical investigations to gain insights from past findings.
Easily search, filter, and sort investigations to meet your needs. By default, closed or deleted investigations are hidden, but you can adjust the filters to include them.
To update an existing investigation, click on it in the grid to open its details. From there, you can add objects or comments directly in the Activity tab.
Add objects to an existing investigation
To add objects to an existing investigation, select one or more event objects in Coralogix. Click Add to investigation and choose one of the following options:
Current investigation: Opens a popup modal displaying details of the most recent investigation you accessed, without leaving your current platform location.
Other investigation: Opens a popup modal where you can select an existing investigation from a dropdown menu.
With either option, add an optional explanation (optional) and send the object(s).
Each object is added individually to the investigation timeline in chronological order based on its timestamp.