检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
On the displayed slide-out panel on the right, you can view the audit description, suggestion, and affected images of the check item. Password Complexity Policy Risks Check Affected Images and Policy Risks, and modify your password complexity policies based on Suggestion.
Its value can be: Low Medium High scan_result String Version check result. pass failed status String Status safe: No action is required. ignored: ignored unhandled: not handled check_rule_desc String Rule description audit String Audit description remediation String Modification suggestions
Example: administrators, database users, audit users Open Control Panel. Click Administrative Tools. Open Computer Management. Choose System Tools > Local Users and Groups. Create users and groups as needed. Periodically check and delete unnecessary accounts.
In the row of a baseline item, click View Details in the Operation column to view the check item description, audit description, and suggestions. You can fix the baseline items that failed to pass the check based on the suggestions.
166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 apiVersion: v1 kind: Namespace metadata: labels: admission.gatekeeper.sh/ignore: no-self-managing control-plane: controller-manager gatekeeper.sh/system: "yes" pod-security.kubernetes.io/audit
Example: administrators, database users, audit users Open Control Panel. Click Administrative Tools. Open Computer Management. Choose System Tools > Local Users and Groups. Create users and groups as needed. Periodically check and delete unnecessary accounts.
Login Audit After this function is enabled, the system reports successful SSH logins, detects remote logins, and generates alarms for remote logins. Confirm the information and click OK.
You can use the following examples to learn how to query a specific trace: Use CTS to audit Elastic Volume Service (EVS) creation and deletion operations from the last two weeks. For details, see Security Auditing.
Table 26 Container audit Function Description Basic Edition Professional Edition Enterprise Edition Premium Edition WTP Edition Container Edition Container audit Keep track of the operations and activities in your container clusters, gaining insight into every phase of the container
Login Audit After this function is enabled, the system reports successful SSH logins, detects remote logins, and generates alarms for remote logins. Confirm the information and click OK. HSS will perform login security detection on the server based on the configured policies.
enterprise_project_id=xxx Example Responses Status code: 200 Request succeeded. { "total_num" : 1, "data_list" : [ { "check_name" : "Docker", "check_rule_num" : 25, "check_type" : "Docker", "check_type_desc" : "Configuring security audit of Docker's host configurations
195, "data_list" : [ { "app_name" : "acl", "app_type" : "rpm", "app_version" : "2.2.53-7.h1.eulerosv2r9", "vul_num" : 0 }, { "app_name" : "attr", "app_type" : "rpm", "app_version" : "2.4.48-12.eulerosv2r9", "vul_num" : 0 }, { "app_name" : "audit
Rule: Use the MySQL audit plug-in. Viewing Baseline Check Overview Information Log in to the HSS console. Click in the upper left corner and select a region or project. In the navigation pane on the left, choose Risk Management > Baseline Checks.
Linux system configurations: iptables rules Windows system configurations: Firewall rules System login event audit policy and the configuration of login security layer and authentication mode Windows Remote Management trusted server list Restrictions on Brute-force Attack Defense
operations that can be recorded by CTS Operation Resource Type Trace Name Query container image operation logs hss listContainerImageLogs Query the container image list hss listContainerImages Query the container basic information list hss listContainers Query the Kubernetes cluster audit
