cancel
Showing results for 
Search instead for 
Did you mean: 

Threat Severity Levels

Hi all,

can anyone please show me the difference between the severity threats

Critical

Warning

informational

emergency

Notice

Alert

1 Reply

Re: Threat Severity Levels

This is probably going to confuse you a bit, but there are different threat severitys for HIPS & VSE, and how they are mapped for querying purposes. I've never seen anything really published by McAfee outlining the threat mapping, but if you look in the DB at two different sprocs, it defines them.

stored procedures:

dbo.VSE_InsertGenericEvent

dbo.HIP8SP_InsertIPSEvent

Threat mapping:

HIPS:                Common:

High (4)             = Critical (2)

Medium (3)        = Warning (4)

Low (2)              = Notice (5)

Information (1)   = Information (6)

VSE:                   Common:

Critical (4)           = Critical (2)

Major (3)             = Alert (1)

Minor (2)             = Notice (5)

Warning (1)         = Warning (4)

Informational (0) = Information (6)