Up
Previous Next Sheriff CSMâ„¢
The following screen shot gives you an example of the global properties of a directive:
Previous Next Sheriff CSMâ„¢
Global Properties
Each correlation directive has the following global properties Global properties for correlation directives| Property | Description |
|---|---|
| ID | A unique identifier for the directive. It becomes the Event Type ID when a directive event is created. Note: The ID of a directive is not displayed in the web interface. |
| Name | A meaningful name for the directive. It becomes the name of the directive event or the alarm. |
| Intent, Strategy, Method | Describe what the correlation directive tries to detect. These properties help categorize directive events according to the Sheriff CSM Taxonomy. |
| Priority | Defines the impact of the detected attack. Sheriff CSM uses it in the risk calculation of a directive event. All events generated by the directive have their priority set to the priority value of the directive. |
This topic: Sheriff > UserGuides > SheriffCSMDocumentation > UserGuide > EventCorrelation > EventCorrelationDirectives > GlobalProperties
Topic revision: 29 Jan 2022, SheriffCyberSecurity
Topic revision: 29 Jan 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.