...
#?([a-f0-9]{6}|[a-f0-9]{3})
- Select the Alert Level. A criticality level can be assigned so that the Snare user can map audit events to their most pressing business security audit policy and quickly identify the level of importance via the criticality options in the drop-down list. The Latest Events page will highlight the event in the Snare criticality color assigned to your audit policy. The user can choose the criticality level depending on the destination the event is being sent to. A criticality can be assigned for each destination format: Snare, Syslog, CEF or LEEF. Each of these criticalities is then assigned to the event. When the event is sent to a destination, the criticality for that destination type (i.e. Snare, Syslog, CEF or LEEF) is written into the final event string.
  - Snare: Critical, Priority, Warning, Information, Clear
  - Syslog: Emergency, Alert, Critical, Error, Warning, Notice, Info, Debug
  - CEF: 0 to 10, where 0 is least severe and 10 is most severe.
  - LEEF: 1 to 10, where 1 is least severe and 10 is most severe.
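The following added example (not Snare's own code or output) checks a per-destination criticality against the lists above and shows where that value sits in an outgoing string under the generic conventions of each format: the syslog PRI prefix, the CEF header severity field, and the LEEF `sev` attribute. The vendor and product names, event ID 100, the default facility and the sample policy are constructed; the Snare layout and field escaping are not modelled.

```python
# Added example: where a per-destination criticality lands in the outgoing string.
# Layouts follow generic syslog/CEF/LEEF conventions and are assumptions,
# not the strings a Snare agent actually emits.
SYSLOG = ["Emergency", "Alert", "Critical", "Error", "Warning", "Notice", "Info", "Debug"]
SNARE = ["Critical", "Priority", "Warning", "Information", "Clear"]
RANGES = {"CEF": range(0, 11), "LEEF": range(1, 11)}


def check_level(dest, level):
    """Return level if it is valid for the destination format, else raise."""
    if dest == "Snare" and level in SNARE:
        return level
    if dest == "Syslog" and level in SYSLOG:
        return level
    if dest in RANGES and type(level) is int and level in RANGES[dest]:
        return level
    raise ValueError(f"{level!r} is not a valid {dest} criticality")


def syslog_pri(level, facility=1):
    """PRI = facility * 8 + severity code (Emergency=0 ... Debug=7)."""
    return facility * 8 + SYSLOG.index(check_level("Syslog", level))


def render(dest, level, name, msg):
    """Build a constructed event string carrying the destination's criticality."""
    check_level(dest, level)
    if dest == "Syslog":  # severity is folded into the <PRI> prefix
        return f"<{syslog_pri(level)}>{msg}"
    if dest == "CEF":     # severity is the 7th pipe-delimited header field
        return f"CEF:0|ExampleVendor|ExampleAgent|1.0|100|{name}|{level}|msg={msg}"
    if dest == "LEEF":    # severity travels as the predefined 'sev' attribute
        return f"LEEF:1.0|ExampleVendor|ExampleAgent|1.0|100|sev={level}\tmsg={msg}"
    raise ValueError(f"no layout modelled for {dest}")


# Constructed policy: one audit objective, one criticality per destination.
POLICY = {"Syslog": "Alert", "CEF": 8, "LEEF": 8}

if __name__ == "__main__":
    for dest, level in POLICY.items():
        print(render(dest, level, "Logon failure", "failed logon for alice"))
```

Because the scales differ (CEF accepts 0 while LEEF starts at 1, and syslog codes run in the opposite direction), SIEM rules that filter on severity need the value chosen for that specific destination.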
...