As mentioned in the previous section, you use the Vulnerability Risk Score Entity Criticality Factor Formula Definition file to determine the Entity Criticality Factor formula. The Vulnerability Risk Score Entity Criticality Factor Formula Definition file has three columns which define the formula name, description, and formula, respectively. The CSV file can have as many rows as you would like, but you must use the “default” name in column A for the formula that you want to be the active formula.
You can use any name you would like in column B.
All variables in the formula need to have the following syntax: agl_asset_factor_customattrib .criticality and agl_ asset_factor_customattrib.string1_number, where agl_asset_factor_customattrib is the database table name. This table name, agl_asset_factor_customattrib must precede all the variables, such as criticality. Custom attributes have an additional syntax element. The string number must precede the characters “_number”, such as agl_asset_ factor_customattrib.string12_number and ;agl_asset_factor_customattrib.string25_number
The maximum character length for the formula field is 1,000 characters. The other fields have a maximum length of 20 characters. All fields are case-insensitive.