Severity and state mappings for Graylog
Alert priority and resolution state mapping between Graylog and Incident Response.
Graylog alert priority mapping
Graylog’s alert priority is based on one field in the payload.
The field of interest is priority.
| Graylog payload field | Graylog payload value | Incident Response alert priority value |
|---|---|---|
| priority | 1(Low) | P4-Low |
| 2(Normal) | P3-Moderate | |
| 3(High) | P2-High |
Graylog resolution state mapping
The field of interest is priority.
| Graylog payload field | Graylog payload value | Incident Response alert resolution state value |
|---|---|---|
| priority | 1(Low) | New |
| 2(Normal) | ||
| 3(High) |
Note: If you require any other severity and state mappings, use the
Generic webhook integration.