Threat Severity Levels |McAfee Communities https://community.mcafee.com/thread/77604?

start=0&tstart=0

All Places > Business > ePolicy Orchestrator (ePO) > Discussions

THIS DISCUSSION IS ARCHIVED

1 Reply Latest reply on Feb 11, 2015 7:59 AM by fitchsoccer342

belaleid Feb 11, 2015 1:04 AM

Threat Severity Levels

This question is Not Answered.

Hi all,

can anyone please show me the difference between the severity threats
Critical
Warning
informational
emergency
Notice
Alert

I have the same question (0)

1120 Views Categories: Reporting Tags:

fitchsoccer342 Feb 11, 2015 7:59 AM (in response to belaleid)

1. Re: Threat Severity Levels

This is probably going to confuse you a bit, but there are different threat severitys for HIPS &
VSE, and how they are mapped for querying purposes. I've never seen anything really
published by McAfee outlining the threat mapping, but if you look in the DB at two different
sprocs, it defines them.

stored procedures:
dbo.VSE_InsertGenericEvent
dbo.HIP8SP_InsertIPSEvent

Threat mapping:
HIPS: Common:
High (4) = Critical (2)
Medium (3) = Warning (4)

1 of 2 08/03/2017 14:57
Threat Severity Levels |McAfee Communities https://community.mcafee.com/thread/77604?start=0&tstart=0

Low (2) = Notice (5)

Information (1) = Information (6)

VSE: Common:
Critical (4) = Critical (2)
Major (3) = Alert (1)
Minor (2) = Notice (5)
Warning (1) = Warning (4)
Informational (0) = Information (6)

Actions Like (0)

Home | Top of page | Help 2007-2017 Jive Software | Powered by

2 of 2 08/03/2017 14:57