Hi Craig,
Apologize that the UI and documentation is not more clear on this topic. I will circle back with the Docs and UX teams to file bugs and get these clarified.
As you correctly point out, ESA rules generate alerts that have a severity rating of either Low, Medium, High, or Critical. The mapping of the four alert severity levels to the 0-100 scale you can see when authoring an IM rule is configuration to define how IM translates the severity levels into the priority score on the incident. This is why the values are editable. For example, if critical is configured to 90 then an alert of that level will contribute a score of 90 to the incident priority. The IM rule then takes this score and either combines it with scores from other alerts it contains into an average or just takes the highest score and uses that for the incident priority.
The alert rule ID referred to in IM rules is the name of the ESA rule.
