Endpoint incident with incorrect Severity level
Article ID: 160425
Updated On:
Products
Data Loss Prevention Enforce
Issue/Introduction
Detection known issue
Resolution
A policy that specifies a different Severity level based upon the number of incident matches may generate an Endpoint incident with an incorrect Severity level.
For example, a policy is created with the following Severity settings:
Default Severity = Info.
Severity = High, if (# of matches) > = 20.
Severity = Medium, if 10 < (# of matches) <20.
Severity = Low, if (# of matches) < = 10.
The resulting incidents do not contain Severity levels that match the Severity settings.
Feedback
Yes
No
Powered by
