Security Analysis Overview
The security analysis function works as a cloud native security information and event management (SIEM) solution in SecMaster. It can collect, aggregate, and analyze security logs and alarms from multiple products and sources based on predefined and user-defined threat detection rules. It helps quickly detect and respond to security incidents and protect cloud workloads, applications, and data.
Cloud services and logs that can be interconnected with SecMaster
SecMaster can integrate logs of multiple Huawei Cloud services, such as Web Application Firewall (WAF), Host Security Server (HSS), and Object Storage Service (OBS). You can search for and analyze all collected logs in SecMaster. By default, the logs are stored for 7 days.
For details, see Log Access Supported by SecMaster.
Limitations and Constraints
- A maximum of 500 results can be returned for a single analysis query.
- A maximum of 50 shortcut queries can be created in a pipeline. That is, a maximum of 50 query analysis criteria can be saved as shortcut queries.
- A maximum of 5 data spaces can be created in a workspace, and a maximum of 20 pipelines can be created in a data space.
- A maximum of 64 shards can be allocated to a pipeline.
- The maximum data retention period in a pipeline is 180 days.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.