The assignment is based on general security principles and best practices. For example, an action that fails is commonly considered more severe than a successful one from a security implication point of view. The following table shows the value, name and explanation of the eight severity levels. A detailed list of severity level assignment is at appendix A.
Value |
Name |
Description |
---|---|---|
0 |
Unknown |
Unknown Events Events Not Mapped to CEG Unclassified |
1 |
Debug |
Message that appears during debugging only Events in non-production environment |
2 |
Information |
General System Operation Information General Security Related Information Notice |
3 |
Warning |
Unusual Changes to System/Function/Security Normal but Significant Condition Failed Operations Degraded Performance |
4 |
Minor_Impact |
Minor Impact to System/Function Minor Impact to Security |
5 |
Major_Impact |
Major Impact to System/Function Major Impact to Security |
6 |
Critical |
Immediate Action Required Likely Security Breach |
7 |
Fatal |
System Unusable/Down High Possibility of Security Breach Non Recoverable Problems |
Severity Level 0 and Level 1 are at present not being assigned to any of the existing CEG event action and are reserved for future use. For the rest of the severity levels, the following guidelines are followed:
Severity Level 2:
Severity Level 3:
Severity Level 4:
Severity Level 5:
Severity Level 6:
Severity Level 7:
Copyright © 2013 CA.
All rights reserved.
|
|