# Investigate Quick Start Guide (prior to SQL search)

For additional information about Vectra's Investigation features (Advanced Investigation and Instant Investigation), please see the [Vectra AI Platform Investigation FAQ](https://docs.vectra.ai/operations/investigate/vectra-ai-platform-investigate-faq) .

**Contains**

* What is Vectra Investigate?
* Before you begin
* How to create and run a query
* How to add or remove filters
* How to modify the query's search period
* How to add/remove and re-order columns in the results
* How to run a query from Instant Investigation
* Query Examples
  * Investigating an Azure AD attack with Powershell
  * Investigating a Microsoft 365 attack with Power Automate
  * All activity around a specific AWS EC2 instance
  * AWS activity performed with an assumed role
  * AWS activity performed with an assumed role on a different region
* Troubleshooting
* "Search could not be completed" or "Search timed out"
* "Search could not be completed" (with error id)
* "Something went wrong"
* Related articles

**Attachments**

{% file src="<https://4227135129-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHJ1ltuWFvsArFWtevnRn%2Fuploads%2Fgit-blob-afd57f4b65950971658f890734e71a746cad14ea%2FVectra%20AI%20Platform%20Investigate%20Quickstart%20Guide%201.5.pdf?alt=media>" %}