Event risk score (Filebeat Checkpoint)

Hey there,

I am wondering how the risk score works in the filebeat checkpoint index.

I see a risk score spanning from 0 to 5, does anyone know how this index was designed ?

I guess 5 is critical and 0 is kind of "benign", are there any references online somewhere?


This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.