Processing Rule Properties, Alert Tab

Use this tab to specify whether a match to this rule generates an alert and to set the properties of that alert. The fields are defined as follows:

Generate alert
Specifies whether a match to this rule generates an alert.
Alert severity
Specifies the level of severity of the alert, such as Security Breach or Critical Error.
Owner
Specifies the person responsible for tracking and resolving the alert.
Resolution state
Specifies the status of the resolution process of the alert, such as New or Resolved. The resolution state indicates whether the resolution process has begun.
Alert source
Specifies the source of the alert. The default is $Source Name$, but you can specify another parameter by clicking the arrow and selecting from the list.
Description
Specifies the description of the alert. Press the Enter key for line breaks within the Description box.

To populate the custom fields of the alert, click Custom Fields.