检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
account creation Suspicious Ecs User Create Suspicious ECS account creation ECS account permission escalation ECS User Escalate Privilege ECS account permission escalation Suspicious IAM account creation Suspicious IAM Account Create Suspicious IAM account creation IAM permission
ECS Agency: Select this option if you want to obtain tokens through ECS agencies. The data collection function is not affected even if the tenant account or password changes. Before selecting the ECS agency, you need to configure an agency for ECS.
Create an image for the ECS host whose vulnerability needs to be fixed. For details, see Creating a Full-ECS Image from an ECS. Use the image to create an ECS. For details, see Creating an ECS from an Image. Fix the vulnerability on the new ECS and verify the result.
Table 1 Parameters for increasing ECS quota Parameter Description Current Configuration The SecMaster edition in use in the selected region. No manual configuration is required. Upgrade Method Click Change Quota.
Table 1 Log transfer process Procedure Description (Optional) Step 1: Buy an ECS Install the log collector. (Optional) Step 2: Buy a Data Disk Ensure that there is enough space to run the log collector.
In the Add Node dialog box displayed, select the ECS node created in (Optional) Step 1: Buy an ECS and click OK. Figure 3 Selecting a node Click Next in the lower right corner of the page. On the Preview Channel Details page, confirm the configuration and click Save and Execute.
Go to the edition management window and verify that the subscription to the ECS quota billed yearly/monthly is canceled. Parent topic: Billing FAQs
Procedure (Optional) Step 1: Buy an ECS (Optional) Step 2: Buy a Data Disk (Optional) Step 3: Attach a Data Disk Step 4: Create a Non-administrator IAM User Step 5: Configure Network Connection Step 6: Install the Component Controller (isap-agent) Step 7: Install the Log Collection
Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP (EIP), and Image Management Service (IMS), are shared within the same region.
Table 1 Agency permissions Permission Description Assign To When to Use ECS FullAccess All permissions for ECS SecMaster_Agency Used to obtain the ECS asset information in the account when you purchase SecMaster for the first time.
Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP (EIP), and Image Management Service (IMS), are shared within the same region.
ECS Vulnerabilities SecMaster can display vulnerabilities scanned by HSS in real time. You can view vulnerability details and find fixing suggestions.
In the Add Node dialog box displayed, select the node in (Optional) Step 1: Buy an ECS and click OK. On the Configuration Management page, click Save and Apply in the lower right corner. Wait for a period of time.
Go to the edition management window and verify that the subscription to the ECS quota billed yearly/monthly is canceled.
FAQs How Do I Release an ECS or VPC Endpoint? Parent topic: Log Data Collection
Elastic Cloud Server (ECS) and Cloud Container Engine (CCE) The defense layers for the identity, data, and O&M security will be available soon. Adding an Emergency Policy: Emergency policies are used to quickly contain attacks.
Table 1 Asset sources and corresponding security products Asset Type Asset Name Source Security Product Cloud asset Servers Elastic Cloud Server (ECS) Host Security Service (HSS) Cloud asset Website Web Application Firewall (WAF) Web Application Firewall (WAF) Cloud asset Database
Elastic Cloud Server (ECS) and Cloud Container Engine (CCE) The defense layers for the identity, data, and O&M security have not been rolled out. Viewing Defense Policies Log in to the management console.
Use the forensic method to confirm that the data is secure before the restoration, and then restore the data from the backup or restore the data to an earlier snapshot of the ECS instance.
Top 5 Server Alert Types Last 7 days Hourly The top 5 ECS attack types by attack quantity in the last 7 days. If there is no ECS attack or no corresponding data table, the default types with zero attacks are displayed.
