Edition: This feature is available in the Standard and Premium editions of USM Anywhere.
USM Anywhere allows you to run a user-initiated agent query. There are several ad-hoc queries, which are in your environment by default. These queries generate events which can be used for a forensic investigation, so you can focus on fast response and remediation.
Important: The Agent must be connected and sending events.
You can run queries from different parts of your environment