Unknown
The Unknown category contains events that are not parsed and therefore cannot be categorized.
The following table describes the low-level event categories and associated severity levels for the Unknown category.
| Low-level event category | Category ID | Description | Severity level (0 - 10) |
|---|---|---|---|
| Unknown | 10001 | Indicates an unknown event. | 3 |
| Unknown Snort Event | 10002 | Indicates an unknown Snort event. | 3 |
| Unknown Dragon Event | 10003 | Indicates an unknown Dragon event. | 3 |
| Unknown Pix Firewall Event | 10004 | Indicates an unknown Cisco Private Internet Exchange (PIX) Firewall event. | 3 |
| Unknown Tipping Point Event | 10005 | Indicates an unknown HP TippingPoint event. | 3 |
| Unknown Windows Auth Server Event | 10006 | Indicates an unknown Windows Auth Server event. | 3 |
| Unknown Nortel Event | 10007 | Indicates an unknown Nortel event. | 3 |
| Stored | 10009 | Indicates an unknown stored event. | 3 |
| Behavioral | 11001 | Indicates an unknown behavioral event. | 3 |
| Threshold | 11002 | Indicates an unknown threshold event. | 3 |
| Anomaly | 11003 | Indicates an unknown anomaly event. | 3 |