 |
You are here: Docs>Sheriff Web>UserGuides>SheriffCSMDocumentation>UserGuide>EventCorrelation>EventCorrelationDirectives>GlobalProperties (29 Jan 2022, SheriffCyberSecurity)Edit Attach
Up
Previous Next Sheriff CSMâ„¢
The following screen shot gives you an example of the global properties of a directive:
Previous Next Sheriff CSMâ„¢
Global Properties
Each correlation directive has the following global properties Global properties for correlation directives| Property | Description |
|---|---|
| ID | A unique identifier for the directive. It becomes the Event Type ID when a directive event is created. Note: The ID of a directive is not displayed in the web interface. |
| Name | A meaningful name for the directive. It becomes the name of the directive event or the alarm. |
| Intent, Strategy, Method | Describe what the correlation directive tries to detect. These properties help categorize directive events according to the Sheriff CSM Taxonomy. |
| Priority | Defines the impact of the detected attack. Sheriff CSM uses it in the risk calculation of a directive event. All events generated by the directive have their priority set to the priority value of the directive. |
Edit | Attach | Print version | History: r12 < r11 < r10 < r9 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r12 - 29 Jan 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.