This section provides a description of system event types associated with External technology (see the table below).
System event types based on External technology (EXT)
Code of event type |
Event title |
Severity |
Registration conditions |
|---|---|---|---|
8000000000 |
Incident |
Determined by the importance level of the correlation rule |
A sequence of events that satisfy the conditions of a correlation rule was detected (if the incident title and description are not defined in the rule). |
8000000001 |
$customTitle |
Determined by the importance level of the correlation rule |
A sequence of events that satisfy the conditions of a correlation rule was detected (if an incident title is defined in the rule but not an incident description). The event type title uses the $customTitle variable, which is replaced with the incident title when an event is registered. |
8000000002 |
Incident |
Determined by the importance level of the correlation rule |
A sequence of events that satisfy the conditions of a correlation rule was detected (if an incident description is defined in the rule but not an incident title). The event type description uses the $customDescription variable, which is replaced with the incident description when an event is registered. |
8000000003 |
$customTitle |
Determined by the importance level of the correlation rule |
A sequence of events that satisfy the conditions of a correlation rule was detected (if the incident title and description are defined in the rule). The following variables are used in the title and description of an event type:
|