Investigation

Perform AI investigation analysis on a specified Case, generate a structured investigation report, and write it back to the Case's AI analysis fields.

Registered Name

Investigation

Execution Flow

Load complete Case data
Extract knowledge keywords and search the knowledge base for matching records
Retrieve Case discussion records
Call LLM to generate a structured investigation report (including verdict, severity, impact assessment, summary, attack chain, IOC, remediation recommendations, etc.)
Write the report back to the Case's AI analysis fields

Trigger Methods

Manually execute Playbook from the SIRP platform Case detail page
Trigger via MCP tool execute_playbook

Agents

Skills

Investigation

Registered Name

Execution Flow

Trigger Methods

Investigation ​

Registered Name ​

Execution Flow ​

Trigger Methods ​

Investigation

Registered Name

Execution Flow

Trigger Methods