Setting Special Severity Levels

You can customize or conditionalize the event-severity levels reported by SmartConnectors. Customizing means pre-setting a given SmartConnector's filter to one specific severity level; conditionalizing is essentially the same, but with the addition of a filter condition to determine when the pre-set severity level is reported.

To configure a custom or conditional severity level:

Choose the Connectors resource tree in the Navigator panel.
In the Connectors resource tree, right-click the appropriate SmartConnector and choose Configure.
In the Connector Configuration Editor, select the Connector: Default: Filters tab.
In the Filters tab, select a severity level.
In the Filter Condition dialog box choose a field, a logical operator, and enter a value for the condition.
Click OK in the Filter Condition dialog box and Apply or OK in the Connector Configuration Editor.

In the example, we selected the "Very-High Severity” filter and defined a condition in which Category Significance contains Hostile. When this condition is met, the severity of the event becomes "Very-High."

For more information, see Managing SmartConnector Filter Conditions.

Micro Focus Security Community
All Documentation
Support
Education
Send Us Feedback

Close

We welcome your comments!

You can either:

Open an email window.

Or copy the information below to an email client and send the email to Documentation-Feedback@microfocus.com.

Help Topic ID:

Product:

Topic Title:

Feedback: