SIEM Agent export log does not have the same severity as Detect Incident
search cancel

SIEM Agent export log does not have the same severity as Detect Incident

book

Article ID: 215972

calendar_today

Updated On:

Products

CASB Security Advanced CASB Security Premium CASB Security Standard

Issue/Introduction

SIEM exported logs do not have the medium or high incidents shown in the Detect incident section under event logs.

Environment

Component: Investigate

Cause

Detect Incidents currently can only be exported from the Detect module.  

Resolution

To export these incidents, go to Detect > Incidents > Export Incidents option.

Because the Detect admin can adjust the Severity Thresholds, the resulting severity level might change. The admin can also use ThreatScore as a reference.

Powered by Wolken Software