Open frantz45 opened 1 year ago
This is a breaking change. It seems to me that it implies a migration step (exporting/importing all rules). The mapping from current severity levels to priorities needs to be defined in order to have the import accept ancient rules.
The mapping for this feature is :
Severity | Priority |
---|---|
INFO | LOW |
FAIBLE | LOW |
MOYENNE | NORMAL |
HAUTE | HIGH |
When we created Logging Alert plugin we created the field Severity because there was no equivalent in Graylog. But now there is the Priority field. Priority has only 3 levels, and Severity 4, but it may be enough.