VIS Host Discovery
When the VIS component discovers and stores new hosts, ports, or vulnerabilities that are detected on the network, the VIS component generates events. These events are sent to the Event Collector to be correlated with other security events.
The following table describes the low-level event categories and associated severity levels for the VIS host discovery category.
| Low-level event category | Category ID | Description | Severity level (0 - 10) |
|---|---|---|---|
| New Host Discovered | 17001 | Indicates that the VIS component detected a new host. | 3 |
| New Port Discovered | 17002 | Indicates that the VIS component detected a new open port. | 3 |
| New Vuln Discovered | 17003 | Indicates that the VIS component detected a new vulnerability. | 3 |
| New OS Discovered | 17004 | Indicates that the VIS component detected a new operating system on a host. | 3 |
| Bulk Host Discovered | 17005 | Indicates that the VIS component detected many new hosts in a short period. | 3 |