检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Query and Analysis Syntax - V2 Overview Retrieval SQL Syntax Reference SecMaster SQL Syntax Reference Functions Parent topic: Log Audit
Query and Analysis Syntax - V1 Overview Query Statements Analysis Statements Parent topic: Log Audit
Audit Logs Audit Cloud Trace Service (CTS) records operations on the cloud resources in your account. You can use the logs generated by CTS to perform security analysis, track resource changes, audit compliance, and locate faults.
Checking Log Audit Overview You can learn about the overall log audit status for the statistical period in the current workspace. Checking Log Audit Overview Log in to the SecMaster console. Click in the upper left corner of the management console and select a region or project.
After enabling CTS, you can view all generated traces to query, audit, and review performed SecMaster operations. For details, see Cloud Trace Service User Guide. Table 1 shows the details about the SecMaster operations on CTS.
Log Audit Log Audit Overview Security Analysis Query and Analysis Syntax - V1 Query and Analysis Syntax - V2 Data Delivery Cloud Service Access Log Data Collection
Log Audit Overview Checking Log Audit Overview Parent topic: Log Audit
Collection Channel Verifying Log Collection Managing Connections Managing Parsers Managing Collection Channels Viewing Collection Nodes Managing Nodes and Components Logstash Configuration Description Connector Rules Parser Rules Upgrading the Component Controller Parent topic: Log Audit
Value-added package (large screen, log audit, security analysis, and security orchestration) Changing the billing mode Not supported Only the professional edition supports changing the billing mode from pay-per-use to yearly/monthly.
Cloud Service Access Cloud Service Log Access Supported by SecMaster Enabling Log Access Parent topic: Log Audit
Figure 1 Workspace management page In the navigation pane on the left, choose Log Audit > Collections. Then, select the Collection Channels tab.
Security Shared Responsibilities Identity Authentication and Access Control Data Protection Technologies Audit Logs Service Resilience Using Cloud Eye to Monitor SecMaster Certificates Security Orchestration
Figure 1 Workspace management page In the navigation pane on the left, choose Log Audit > Collections. Figure 2 Accessing the connection management page On the Connections tab, view connection details.
Figure 7 Workspace management page In the navigation pane on the left, choose Log Audit > Collections. Then, select the Parsers tab.
Figure 1 Workspace management page In the navigation pane on the left, choose Log Audit > Collections. Then, select the Collection Channels tab.
Data Delivery Overview Delivering Logs to Other Data Pipelines Delivering Logs to OBS Delivering Logs to LTS Managing Data Delivery Parent topic: Log Audit
Security Analysis Overview Configuring Indexes Querying and Analyzing Logs Log Fields Quickly Adding a Log Alert Model Viewing Results in a Chart Downloading or Exporting Logs Managing Data Spaces Managing Pipelines Enabling Data Consumption Enabling Data Monitoring Parent topic: Log Audit
Figure 3 Workspace management page In the navigation pane on the left, choose Log Audit > Security Data. On the security analysis page displayed, select the Data Delivery tab.
Data aggregated into SecMaster can be retained for up to 180 days to meet audit requirements.
Figure 10 Workspace management page In the navigation pane on the left, choose Log Audit > Security Data. Figure 11 Accessing the Security Analysis tab In the row containing the target data space, click Delete in the Operation column.
