Processing Rule Properties, Alert Tab
Allows you to specify whether a match to this rule generates an
alert, and the properties for that alert. The fields are defined as
follows:
- Generate alert: Specifies whether a match to this rule generates an alert.
- Alert severity: Specifies the level of severity of the alert, such as Security Breach or Critical Error.
- Specifies the person responsible for tracking and resolving the
- Resolution state: Specifies the status of the resolution process of the alert, such as New or Resolved. The resolution state indicates whether the resolution process has begun.
- Alert source: Specifies the source of the alert. The default is $Source Name$, but you can specify another parameter by clicking the arrow and selecting from the list.
- Description: Specifies the description of the alert. Press the Enter key for line breaks within the Description box.
To populate the custom fields of the alert, click Custom