What information is not available in User Search within the Investigate App of CrowdStrike Falcon?


The User Search feature within the Investigate App of CrowdStrike Falcon is aimed primarily at examining user-related activity. It lets security analysts review user activity logs and associated data, such as file analysis history and other user activity events.

The feature does not include User IP History, which focuses specifically on the tracking of IP addresses associated with users over time. While analyzing files and activities is crucial for understanding how a user may interact with the environment, IP history falls outside the core focus of the User Search functionality.

In contrast, file analysis history, threat intelligence reports, and user activity logs are integral to investigating a user's actions: they show which files a user interacted with, any threats associated with their actions, and a comprehensive record of their activities. This context is vital for threat detection and incident response. The primary role of User Search is to aggregate relevant user-related data, and the exclusion of User IP History reflects the specialized nature of the different investigative tools within the Falcon platform.
