DefaultIncidentClassifier

Deprecated

Classifies an incident from mail.

Script Data


NameDescription
Script Typejavascript
Tagsingestion

Inputs


Argument NameDescription
splunkSenderThe email address from which Splunk sends emails to the mail listener.
nexposeSenderThe email address from which Nexpose sends emails to the mail listener.
defaultIncidentTypeThe incident type to be set in case the email is not from Splunk nor Nexpose.
minRiskScore
minVulnCountThe argument passed as-is to NexposeEmailParser. See its documentation for details.
sentinelOneSenderThe email address from which sentinel one sends emails to the mail listener
sentinelOneIncidentTypeThe incident type to classify sentinel one events to.

Outputs


There are no outputs for this script.