Stellar Threat Intel rule does not trigger

I have the following field in my logs:

'severity'

This field has integer values from 0-7. I have created a threat rule as follows:

severity == 6

and given it a score of 50.

However, when the logs get enriched and indexed, the rule does not assign a score to the record. It does get identified as an alert because the is_alert field is true.