检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Prerequisites You have enabled access to HSS alerts and toggled on the automatic conversion of logs into alerts function on the Log Audit > Cloud Service Access page in the current workspace. For details, see Enabling Log Access.
Figure 1 Workspace management page In the navigation pane on the left, choose Log Audit > Collections. Then, select the Parsers tab. Figure 2 Accessing the Parsers tab page Customize a parser or create a parser from a template.
Figure 4 Workspace management page In the navigation pane on the left, choose Log Audit > Security Data. On the security analysis page displayed, click the Data Delivery tab. On the Data Delivery tab, click the Delivery Permissions tab.
Figure 1 Workspace management page In the navigation pane on the left, choose Log Audit > Security Data. Figure 2 Accessing the Security Analysis tab In the data space navigation tree on the left, click a data space name to show the pipeline list. Click a pipeline name.
After enabling log integration, you can query them on the Log Audit > Security Data page.
Figure 4 Workspace management page In the navigation pane on the left, choose Log Audit > Security Data. On the security analysis page displayed, click the Data Delivery tab. On the Data Delivery tab, click the Delivery Permissions tab.
Figure 1 Workspace management page In the navigation pane on the left, choose Log Audit > Collections. Then, select the Collection Channels tab. Figure 2 Accessing the Collection Channels tab Add a log collection channel group.
Related audit logs and alert data are synchronized to SecMaster. Ensure the security of databases and assets on the cloud. DBSS Service Overview Parent topic: Product Consulting
In the navigation pane on the left, choose Log Audit > Components. On the displayed page, click the target node. Check workspace ID and project ID in the command output.
In the navigation pane on the left, choose Log Audit > Collections. Then, select the Parsers tab. Click Edit in the Operation column of the row containing the target parser. On the edit page, delete the incorrect configuration and configure it again.
Cloud Trace Service (CTS) CTS generates traces to enable you to get a history of operations performed on SecMaster, allowing you to query, audit, and backtrack resource operation requests initiated from the management console as well as the responses to those requests.
Figure 1 Workspace management page In the navigation pane on the left, choose Log Audit > Security Data. Figure 2 Accessing the Security Analysis tab In the data space navigation tree on the left, click the data space name to expand all pipelines.
Figure 3 Workspace management page In the navigation pane on the left, choose Log Audit > Collections. Then, select the Collection Channels tab.
× √ √ Log Audit You can enable SecMaster to access cloud service logs and integrate security data so that you can query and analyze logs using query and analysis syntax for log audit. You can also sort out log audit results.
In the navigation pane on the left, choose Log Audit > Components. Deregister a node. On the Nodes tab, locate the row that contains the target node and click Deregister in the Operation column. In the displayed dialog box, click OK. Delete the VPC endpoint.
Before using baseline inspection, alert management, log audit, and security orchestration in SecMaster, you need to create at least one workspace first. You can use workspaces to group your resources by application scenario. This will make security operations more efficient.
Figure 1 Workspace management page In the navigation pane on the left, choose Log Audit > Security Data. Figure 2 Accessing the Security Analysis tab Create a data space. In the upper left corner of the data space list, click Add.
Figure 1 Workspace management page In the navigation pane on the left, choose Log Audit > Security Data. Figure 2 Accessing the Security Analysis tab In the data space navigation tree on the left, click a data space name to show the pipeline list. Click a pipeline name.
Log Audit Function description: It collects varied types of log data and stores the collected data for security analysis. You can set New Log for each day and Log Retention Duration.
CN-Hong Kong, TR-Istanbul, AP-Bangkok, AF-Johannesburg, LA-Mexico City2, LA-Sao Paulo1, LA-Santiago, AP-Jakarta, ME-Riyadh, AF-Cairo, and AP-Manila cfw-flow Traffic logs cfw-risk Attack logs O&M security Cloud Bastion Host (CBH) Tenant-side cloud service cbh-audit Bastion host audit
