Google Security Operations lets you investigate many different aspects of the
information stored in your Google SecOps account using the investigation
views:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eGoogle Security Operations provides investigation views to examine various aspects of data within your account.\u003c/p\u003e\n"],["\u003cp\u003eThere are multiple investigation views available, including those for alerts, assets, domains, files, IP addresses, uppercase alerts, and users.\u003c/p\u003e\n"],["\u003cp\u003eInvestigation views are supported within Google SecOps \u003ca href=\"/chronicle/docs/secops/google-secops-siem-toc\"\u003eSIEM\u003c/a\u003e.\u003c/p\u003e\n"],["\u003cp\u003eUDM search offers more in-depth investigative abilities over standard investigation views within your Google Security Operations.\u003c/p\u003e\n"]]],[],null,["# Investigation views\n===================\n\nSupported in: \nGoogle secops [SIEM](/chronicle/docs/secops/google-secops-siem-toc)\n\nGoogle Security Operations lets you investigate many different aspects of the\ninformation stored in your Google SecOps account using the investigation\nviews:\n\n- [Alert view](/chronicle/docs/investigation/investigate-alert)\n- [Asset view](/chronicle/docs/investigation/investigate-asset)\n- [Domain view](/chronicle/docs/investigation/investigate-domain)\n- [File view](/chronicle/docs/investigation/investigate-file)\n- [IP address view](/chronicle/docs/investigation/investigate-ipaddress)\n- [Uppercase alert view](/chronicle/docs/investigation/investigate-uppercase-alert)\n- [User view](/chronicle/docs/investigation/investigate-user)\n\n| **Note:** [UDM search](/chronicle/docs/investigation/udm-search) provides enhanced capabilities that let you conduct more thorough investigations of the events and alerts within your Google SecOps instance than is possible using investigation views alone. For more information, see [UDM search](/chronicle/docs/investigation/udm-search).\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]
