# Analyzing investigations

## Action menu for additional context <a href="#visualeditor-usingtheinvestigationresulttableforinsights" id="visualeditor-usingtheinvestigationresulttableforinsights"></a>

Hover over a specific cell value in the Investigations results table, to open the action menu and access different options depending on the field:

* **Drill down to …** opens an Investigations page with an NQL query listing the results specific to the row of the selected cell value under the field column of interest. See the image below.
  * The **Drill down to...** option is available for metric fields.
* **Copy** value or **Copy raw value** copies the metric value. Hover over a metric to see the raw number. The system shortens large numbers with appropriate suffixes.
* Use the contextual action menu only for inventory objects—users, devices and binaries—to:
  * **Open binary profiling, Open user overview** or **Open device view**, depending on the case.
  * **Diagnose** for diagnostics dashboards.
  * **Retrieve all** pre-filled investigation queries in the inventory-object context.

{% hint style="info" %}
You can sort investigation results by clicking on the table column headers.
{% endhint %}

<figure><img src="/files/E55Ykviez7zqjnsUtteF" alt="Drilling down investigation result table."><figcaption></figcaption></figure>

## Action bar for bulk operations <a href="#visualeditor-actionbar" id="visualeditor-actionbar"></a>

Additionally, when you select entire rows by selecting the checkboxes on the left side of the table, the system displays an action bar at the bottom of the Nexthink web interface.

<figure><img src="/files/hHw4dDd6lnzg6d6XbVmp" alt="action bar"><figcaption></figcaption></figure>

Depending on the query, the action bar includes the following options:

* Number of items selected.
* **Execute action**: Run remote actions, workflows, or campaigns on selected **Devices**, **Users**, or **VDI sessions**. Executing actions on **VDI sessions** requires [Nexthink VDI experience](https://docs.nexthink.com/platform/user-guide/vdi-experience).
* **Drill down to:** This option is available only for the list of objects with at least one associated event metric. It allows you to run a quick investigation to retrieve:
  * Objects related to the selected items from the results list, with at least one event from the original query recorded.
  * Events included in the original query which have been recorded for the selected objects from the results list. The new investigation keeps the original timeframe and filters.
* **Retrieve all**: Run a quick investigation to list all objects or events related to the selected items from the results list, regardless of whether any events from the original investigation were recorded for them. The new investigation keeps the original timeframe and applicable filters.
* **Edit**: Edit the value of a manual custom field. This option is available for the list of inventory objects that have a manual custom field applied.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.nexthink.com/platform/user-guide/investigations/analyzing-investigations.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.