Start an investigation from the alert center

Security investigation tool
Supported editions for this feature: Frontline Standard and Frontline Plus; Enterprise Standard and Enterprise Plus; Education Standard and Education Plus; Enterprise Essentials Plus; Cloud Identity Premium. Compare your edition

You can start an investigation from the alert center by linking directly to the security investigation tool. Using the investigation tool, you can then view additional details about the event, make important adjustments to your Google Admin console settings if needed, or take other actions in response to the alert.

You can start an investigation in two ways:

  • To start an investigation from the main page of the alert center, click one of the magnifying glass icons on the far-right side of the page.
  • To start an investigation from an alert details page, click INVESTIGATE ALERT

Using the details from the alert, conditions for the investigation are then pre-populated in the investigation tool, and the investigation tool opens automatically. Click SEARCH to run the investigation. You can also add conditions or make adjustments to the conditions before clicking SEARCH.

For more details and instructions, see About the security investigation tool.

Related articles

Was this helpful?

How can we improve it?

Need more help?

Try these next steps:

Post to the help community Get answers from community members
Contact us Tell us more and we’ll help you get there
true
Start your free 14-day trial today

Professional email, online storage, shared calendars, video meetings and more. Start your free Google Workspace trial today.

Search
Clear search
Close search
Google apps
Main menu
14770202722413320430
true
Search Help Center
true
true
true
true
true
73010
false
false
false
false