SetSeverityByScore

Deprecated

Calculates a weighted score based on the number of malicious indicators involved in the incident. Each indicator type can have a different weight. If the score exceeds certain thresholds, the incident severity will increase. Thresholds can be overriden by providing them in arguments.

Script Data


NameDescription
Script Typepython
Tagsurl, ip, hash

Inputs


Argument NameDescription
bad_url_weightThe points added to the score per malicious URL in the incident context (float).
bad_ip_weightThe points added to score per malicious IP address in the incident context (float).
bad_hash_weightThe points added to score per malicious hash in the incident context (float).
threshold_criticalThe minimal score to raise the severity to Critical (int).
threshold_highThe minimal score to raise the severity to High (int).
threshold_mediumThe minimal score to raise the severity to Medium (int).
initialscoreThe starting score to add on to. This can be set manually or mapped from context in playbooks.

Outputs


There are no outputs for this script.