How can I set YARA-L rule severity using a UDM field from the matched events, such as security_result.severity?
Page 1 / 1
No, not at present. You would need to set Severity as a custom Outcome variable; however, I checked with our Product team and this is scheduled for the mid term, and as an indicative estimate could be available by end of Q1 next year.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.