Up
Previous Next

Event Priority

Using Event Priority as a policy condition, you can filter events that are from a server according to how reliable the events are. Each event has an assigned priority value. This specifies the importance of the event and defines how urgently the event should be investigated. Priority is a numeric value between 1 and 5, where priority event 1 has no importance, and priority event 5 is of critical importance.

You can use greater than (>), less than (<), or equals to (=) when specifying priority or reliability values for events to set thresholds for the parameter.
Topic revision: r3 - 30 May 2021, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.