Contents
1. One-click Investigations
1.1. Concept
One-click Investigation allows Finder's users to make a new investigation based on a displayed object or attribute in a single click. More particularly, it allows the user to get new information from an investigation's result without creating a new and dedicated investigation
1.2. Requirements
1.2.1. Templates in Investigations section
One-click Investigation is based on the concept of Investigation Template. The suggested one-click investigations are directly herited from all existing templates of the investigation section (1), in any location of the section (directly in the section, in a folder or any subfolders).
1.2.2. Template parameters
For one-click investigation availabe on object, the template parameter used is the object (1) ID (2)
For one-click investigation available on activity, the template parameter to use are the others object (1) attributes (2)
1.3. NEXThink Library
Some predefined one-click investigations packs are available into NEXThink Library on http://library.nexthink.com. Refer to the related documentation for more information.
2. Using One-click Investigation
2.1. In list view
By right-clicking an object or a list of objects resulting of an investigation, the one-click investigation drop-down list displays all available templates.
Click the template to run the investigation with the selected ojects or attributes as parameters. A new tab appears (1) as any other investigation template, including all options (2) to save, edit the parameters, edit the investigation or refresh the result.
Note: if One-click investigation option is not available, it means that you don't have any template corresponding to the selected object or attribute. Please refere to the requirements for more information.
2.2. In Network or Local activity views
By right-clicking an activity path (connection or execution) in the network or local activity views resulting to an investigation, the one-click investigation drop-down list displays all available templates.
By right-clicking an object in the network or local actity view resulting of an investigation, the one-click investigation drop-down list displays all available templates.
Note: if One-click investigation option is not available, it means that you don't have any template corresponding to the selected object or attribute. Please refere to the requirements for more information.