Skip navigation
All Places > Products > RSA NetWitness Platform > RSA NetWitness Platform Online Documentation > Documents
Log in to create and rate content, and to follow, bookmark, and share content with other members.

Investigate: Investigate View

Document created by RSA Information Design and Development Employee on Mar 27, 2018Last modified by RSA Information Design and Development Employee on Jan 6, 2021
Version 24Show Document
  • View in full screen mode

The Investigate view is the primary entry point to NetWitness Investigate. In Version 11.5, several of the Investigate submenus are moved to the main menu for easier access. Prior to Version 11.5, the Investigate view had six submenus, which opened different views that allow you to analyze events from different perspectives. The submenus that remain under Investigate are: Navigate, Legacy Events, Events (formerly Event Analysis), and Malware Analysis. The Hosts, Files, and Users views (formerly Entitites) are available from the main menus to improve the workflow for analysts.

Note: The Legacy Events view was the original Events view (11.0 to 11.3.x.x). In Version 11.4 and later, the Legacy Events is no longer needed and it is hidden unless the administrator enables it. By default only the Events view appears in the menu, but when the Legacy Events view is enabled, both the Events view and the Legacy Events view are visible in the menu bar.

How NetWitness Investigate Works provides an introduction to all of the capabilities available in the Investigate view.

You are here
Table of Contents > Investigate Reference Materials > Investigate View