How does the Nessus collector determine severity level of events


Article ID: 177364


Updated On:


Security Information Manager


In the Collector Guide, it shows N/A in the Nessus field for the Severity ID translation.



The reason there is no Nessus field specified is because there is no direct field to field mapping for Severity ID of Nessus events.

The Severity ID is determined based on the type of Nessus event.

For example:

Security Note = 2 or Warning
Security Warning = 3 or Minor
Security Hole = 4 or Major

This is applicable to the Symantec™ Event Collector 4.4 for Nessus and Symantec™ Event Collector for Nessus™ version 4.2 which has been replaced by the newer Nessus 4.4 collector.