refactor: Change UFW block anomaly severity to medium

Changed the severity of the UFW block anomaly from "high" to "medium". A high number of blocked connections is not a critical issue as long as the firewall is working correctly.
2025-09-15 13:24:43 -05:00
parent 12e6ba0135
commit e559e16e35
1 changed files with 1 additions and 1 deletions
--- a/monitor_agent.py
+++ b/monitor_agent.py
@@ -333,7 +333,7 @@ def analyze_data_locally(data, baselines, known_issues, port_applications):
        for ip, count in blocked_ips.items():
            if count > 10:
                anomalies.append({
-                    "severity": "high",
+                    "severity": "medium",
                    "reason": f"High number of blocked connections ({count}) from IP address: {ip}"
                })