Know the equivalent value of the severity for an event shown on the Deep Security web console as compared to the syslog entry.
The table below shows the events in the web console and their corresponding value in syslog:
Event | Web Console | Syslog |
---|---|---|
Anti-Malware Events | All events | 6 |
Web Reputation Events | Dangerous | 8 |
Highly Suspicious | 7 | |
Suspicious | 6 | |
Untested | 5 | |
Blocked by Administrator | 5 | |
Firewall Events | Deny | 5 |
Log Only | 0 | |
Intrusion Prevention Events | Critical | 10 |
High | 8 | |
Medium | 6 | |
Low | 3 | |
Protocol Error | 5 | |
Integrity Monitoring Events | Critical | 10 |
High | 8 | |
Medium | 6 | |
Low | 3 | |
Log Inspection Events | Critical (12-15) | 10 |
High (8-11) | 8 | |
Medium (4-7) | 6 | |
Low (0-3) | 3 | |
System Events | Error | 8 |
Warning | 6 | |
Info | 3 |