Skip to main content

SetSeverityByScore

Deprecated

Calculates a weighted score based on the number of malicious indicators involved in the incident. Each indicator type can have a different weight. If the score exceeds certain thresholds, the incident severity will increase. Thresholds can be overriden by providing them in arguments.

Script Data#


NameDescription
Script Typepython
Tagsurl, ip, hash

Inputs#


Argument NameDescription
bad_url_weightThe points added to the score per malicious URL in the incident context (float).
bad_ip_weightThe points added to score per malicious IP address in the incident context (float).
bad_hash_weightThe points added to score per malicious hash in the incident context (float).
threshold_criticalThe minimal score to raise the severity to Critical (int).
threshold_highThe minimal score to raise the severity to High (int).
threshold_mediumThe minimal score to raise the severity to Medium (int).
initialscoreThe starting score to add on to. This can be set manually or mapped from context in playbooks.

Outputs#


There are no outputs for this script.