Learn
Documentation
Support Community

Managing Investigations

The Investigations administration page allows you to create, share and manage all of your investigations in one place.

Accessing the Manage investigations page

Select Investigations > Manage investigations from the main menu.

Note that the main menu displays Shared and Private investigations sorted by tags.

Creating a new investigation

Click on the New investigation button in the top-right corner of the page:

  • The system takes you to the Visual editor tab of the Investigations page where you can construct your NQL query.

  • Alternatively, switch to the NQL editor tab to write the query by hand.

Managing investigations

From the Manage investigations page:

  1. Click on the name of an investigation to edit it or view the results of the NQL query.

  2. Sort the listed investigations by name or by typing/selecting investigation tags.

  3. Import an investigation by selecting the investigation's JSON file.

  4. Hover over an investigation to reveal the action menu on the right side of the table.

Hovering over the action menu on the right side of the table allows you to:

  • View: See the results of the NQL query on the Investigations page.

  • Rename: Change the name of the investigation.

  • Edit tags: Create, assign and edit investigation tags. Refer to the Tagging investigations section.

  • Share: Grant permissions to other users to view or edit the investigation. Refer to the Sharing an investigation section.

  • Export: Export the investigation to a JSON file. Refer to the Exporting an investigation section.

  • Duplicate: Create a copy of the investigation.

  • Delete: Remove the investigation from the system.

Tagging investigations

Tagging allows you to quickly sort and filter investigations. You can apply one or many tags to investigations.

From the Manage investigations page:

  1. Hover over an investigation to reveal the action menu on the right side of the table.

  2. Click the Edit tags option from the investigation action menu to open the Tags pop-up.

  3. Type a new tag or write an existing one to add it to the investigation.

  4. Open the tag’s action menu to remove the tag from the investigation or change the tag color.

Deleting a tag only removes it from the chosen investigation.

Sharing an investigation

Share your investigations with other Nexthink web interface users.

From the Manage investigations page:

  1. Hover over an investigation to reveal the action menu on the right side of the table.

  2. Click the Share option from the investigation action menu to open the Share pop-up.

The Share option is available if you have permissions to Manage all investigations or Share private investigations option selected for the Investigations module.

The visibility of shared investigations is determined by the Roles permissions of the user in question.

  1. In the Add profile text field, type in the user profiles you wish to share the investigation with.

  2. From the Select permissions drop-down menu, select the appropriate permissions for the profile. The choices are:

    • View: Gives a user read-only access to the investigation and the right to save a copy of it.

    • Edit: Allows a user to modify and save the investigation to collaborate on it with others.

  3. Clear all to disable all permissions.

  4. Grant permissions to share the investigation.

To remove existing permissions:

  • Hover over the Permissions column for a given permission entry and click on the action menu.

  • Select Remove all permissions.

All shared investigations appear in the Shared tab of the navigation panel. The Investigations that you have editing rights to, also appear on the Manage investigations page.

The visibility of shared investigations is determined by the Roles Investigations permissions granted to the user.

Exporting an investigation

Export and download your investigations as a JSON file. From the Manage investigations page:

  1. Hover over an investigation to reveal the action menu on the right side of the table.

  2. Click the Export option from the investigation action menu to download the investigation's JSON file.

Alternatively, you can also export an investigation from the Investigations' specific page:

  • Export results to download the investigation's results as a CSV file. Nexthink asks you to name this file before downloading it.

  • Export investigations to download the investigation's JSON file.

Last updated

© Nexthink

Privacy policyResponsible Disclosure Policy