• Support
  • Forums
  • Blogs

how can i see user contributed directives in alarms

anton.malakhovanton.malakhov

New Life Form
i clone some av-free feed directives. In siem search i see that this directives working . But i don't usually see this directives events in alarms

Share post:

Answers

  • Risk = (priority *reliability * asset_value)/25. Any event with a risk score greater than 1 will generate an alarm.

    You can increase priority or reliability within your directive.

    Good luck
Sign In or Register to comment.