- Automation Management
- Automation Management Permissions
- Automation Management Playbooks
- Automation Management Playbook Triggers
- Pre-Built Automation Management Playbooks
- Automation Management Advanced Playbooks
- Automation Management Rule-Based Playbooks
- Filter Automation Management Playbooks
- Find Automation Management Playbooks
- Enable or Disable an Automation Management Playbook
- Reorder an Automation Management Playbook
- Delete an Automation Management Playbook
- Automation Management Services
- Automation Management Actions
- Create an Automation Management Action
- Clone an Automation Management Action
- Edit an Automation Management Action
- Deploy an Automation Management Action
- Preview Automation Management Action Code
- View Automation Management Action Run History
- View Automation Management Action Version History
- View Automation Management Action Audit Log
- Delete an Automation Management Action
- Refresh Automation Management Action List
- Automation Agents
Set Alert Priority Pre-Built Playbook
Ensure that the alert priority correlates to the alert risk score using the Set Alert Priority pre-built playbook.
There are two possible triggers for the playbook: alert created and alert modified. If the playbook is enabled, the playbook automatically runs when an alert is created or an alert is modified.
The playbook runs a branch to one. In this branch to one, the alert priority is updated depending on its risk score and current priority:
Default – If none of the other branches are true, nothing is executed.
Branch 1 (Change Priority To LOW) – If the alert risk score is less than 25 and the priority is not Low, the branch updates the alert priority to Low.
Branch 2 (Change Priority To MEDIUM) – If the alert risk score is greater than or equal to 25 and less than 50 and the priority is not Medium, the branch updates the alert priority to Medium.
Branch 3 (Change Priority to HIGH) – If the alert risk score is greater than or equal to 50 and less than 75 and the priority is not High, the branch updates the alert priority to High.
Branch 4 (Change Priority To CRITICAL) – If the alert risk score is greater than or equal to 75 and the priority is not Critical, the branch updates the alert priority to Critical.