
Stellar Threat Intel rule does not trigger




I have the following field in my logs


This field has integer values from 0-7. I have created a threat rule as follows:

severity == 6

and given it a score of 50.

However, when the logs get enriched and indexed, the rule does not assign a score to the record. It does get identified as an alert because the is_alert field is true.
