Well the idea was to easily distinct specific messages quickly ... For example there are many alerts of level 3 from different sources , etc , so the idea was not to give to a custom message a specific alert.
But anyway I see your point . There are other ways after all to search I guess . Thank you ! On Nov 17, 10:23 pm, "dan (ddp)" <[email protected]> wrote: > On Fri, Nov 11, 2011 at 9:43 AM, alsdks <[email protected]> wrote: > > Hello ! > > > Are Severity levels customizable ? Meaning can we assign a value of > > our own ? > > It would be a nice feature to have if it is not already there! To be > > able to assign alert levels from a reserved range , let's say 20-25 > > for example , for users to be able to use at will? > > > I could thing of many scenarios were one would want to be alerted on > > specific events , form custom applications \ different usage scenarios > > etc that don't have to be necessarily security related events . > > > It would be easy to differentiate and distinct those custom usage > > scenarios fast and easily , if they should be assigned a custom alert > > level. > > > Any Ideas ? > > > Thank you ! > > Your proposed scenario should work just fine with using specific rule > IDs. I'm not sure why you would want a severity level that meant > something other than severity.
