Folks, I am running reports in NSM version (188.8.131.52) for high severity sigs, the report pulls up the high severity sigs but when i go look them up manually in ips policies their severities are not high its either low or medium. I am not really sure why the data being pulled is wrong. We are investigating all the high severity sigs that have fired so that we can do a clean up but if the report is identifying sigs as high that are not really rated as high then the data i pulled up is misleading. Once logging in to NSM I go to reports then traditional then run the top N attacks report.
Anyone had any similar issues? Why could this be happening?
Post amended as title too long to fit properly in the forum templates - Moderator
Message was edited by: Ex_Brit on 08/06/14 9:07:47 EDT PM