SecMaster
SecMaster
All results for "
" in this service
All results for "
" in this service
What's New
What's New
Function Overview
Service Overview
SecMaster Infographics
What Is SecMaster?
Product Advantages
Application Scenarios
Edition Differences
Functions
Personal Data Protection
Experience Packages
Preconfigured Playbooks
Limitations and Constraints
Permissions Management
SecMaster and Other Services
Basic Concepts
SOC
Security Overview and Situation Overview
Workspaces
Alert Management
Security Orchestration
Security Analysis
Billing
Billing Overview
Billing Modes
Overview
Yearly/Monthly Billing
Pay-per-Use Billing
Billing Items
Billing Examples
Changing the Billing Mode
Overview
Renewing Your Subscription
Overview
Manually Renewing SecMaster
Auto-renewing SecMaster
Bills
About Arrears
Billing Termination
Cost Management
Billing FAQs
How Is SecMaster Billed?
Can I Use SecMaster for Free?
How Do I Change or Disable Auto Renewal for SecMaster?
Will SecMaster Be Billed After It Expires?
How Do I Renew SecMaster?
Where Can I Unsubscribe from SecMaster?
Getting Started
How to Buy and Use SecMaster Basic Edition
How to Buy and Use SecMaster Standard Edition
How to Buy and Use SecMaster Professional Edition
Getting Started Through Common Practices
User Guide
Buying SecMaster
Buying SecMaster
Buying Value-Added Packages
Upgrading the Service Edition
Increasing Quotas
Authorizing SecMaster
Checking Security Overview
Workspaces
Workspace Overview
Creating a Workspace
Managing Workspaces
Viewing a Workspace
Editing a Workspace
Deleting a Workspace
Managing Workspace Tags
Workspace Agencies
Creating a Workspace Agency
Managing Agencies
Viewing Purchased Resources
Security Situation
Checking the Situation Overview
Checking Security Situation through Large Screens
Large Screen Overview
Overall Situation Screen
Monitoring Statistics Screen
Asset Security Screen
Threat Situation Screen
Vulnerable Assets Screen
Security Reports
Creating and Copying a Security Report
Viewing a Security Report
Downloading a Security Report
Managing Security Reports
Task Center
Viewing To-Do Tasks
Handling a To-Do Task
Viewing Completed Tasks
Resource Manager
Overview
Configuring the Asset Subscription
Viewing Asset Information
Importing and Exporting Assets
Editing or Deleting an Asset
Risk Prevention
Baseline Inspection
Overview
Starting an Immediate Baseline Check
Performing a Scheduled Baseline Check
Performing a Manual Baseline Check
Viewing Baseline Check Results
Handling Check Results
Managing Compliance Packs
Managing Check Items
Managing Check Plans
Vulnerabilities
Overview
Viewing Vulnerability Details
Fixing Vulnerabilities
Ignoring and Unignoring a Vulnerability
Importing and Exporting Vulnerabilities
Security Policies
Overview
Adding a Security Policy
Managing Security Policies
Threats
Incidents
Viewing Incidents
Adding and Editing an Incident
Importing and Exporting Incidents
Closing and Deleting an Incident
Alerts
Overview
Viewing Alert Details
Suggestions on Handling Common Alerts
Converting an Alert into an Incident or Associating an Alert with an Incident
One-Click Blocking or Unblocking
Closing and Deleting an Alert
Adding and Editing an Alert
Importing and Exporting Alerts
Handling Attacks
Indicators
Overview
Adding and Editing an Indicator
Closing and Deleting an Indicator
Importing and Exporting Indicators
Viewing Indicators
Intelligent Modeling
Overview
Viewing Model Templates
Creating and Editing a Model
Viewing a Model
Managing Models
Security Analysis
Overview
Configuring Indexes
Querying and Analyzing Logs
Log Fields
Quickly Adding a Log Alert Model
Viewing Results in a Chart
Downloading or Exporting Logs
Managing Data Spaces
Managing Pipelines
Enabling Data Consumption
Enabling Data Monitoring
Query and Analysis Syntax
Overview
Query Statements
Analysis Statements
SELECT
GROUP BY
HAVING
ORDER BY
LIMIT
Functions
Aggregate Functions
Data Delivery
Overview
Delivering Logs to Other Data Pipelines
Delivering Logs to OBS
Delivering Logs to LTS
Managing Data Delivery
Security Orchestration
Overview
Playbooks
Enabling a Workflow
Enabling a Playbook
Managing Workflows
Managing Workflow Versions
Managing Playbooks
Managing Playbook Versions
Managing an Asset Connection
Viewing Monitored Playbook Instances
Objects
Overview
Viewing Data Classes
Managing Alert Types
Managing Incident Types
Viewing Threat Intelligence Types
Managing Vulnerability Types
Viewing Custom Types
Managing Categorical Mappings
Creating a Custom Layout
Viewing Layouts
Viewing a Layout Template
Viewing Plug-in Details
Playbook Overview
Ransomware Incident Response Solution
Attack Link Analysis Alert Notification
Playbook Overview
Configuring Playbooks
HSS Isolation and Killing of Malware
Playbook Overview
Configuring Playbooks
Automatic Renaming of Alert Names
Auto High-Risk Vulnerability Notification
Automatic Notification of High-Risk Alerts
Auto Blocking for High-risk Alerts
Settings
Data Integration
Cloud Service Log Access Supported by SecMaster
Enabling Log Access
Log Data Collection
Overview
Adding a Node
Partitioning a Disk
Configuring a Component
Adding a Connection
Creating and Editing a Parser
Adding and Editing a Collection Channel
Verifying Log Collection
Managing Connections
Managing Parsers
Managing Collection Channels
Viewing Collection Nodes
Managing Nodes and Components
Logstash Configuration Description
Connector Rules
Parser Rules
Upgrading the Component Controller
Directory Customization
Permissions Management
Creating a User and Granting Permissions
SecMaster Custom Policies
SecMaster Permissions and Supported Actions
Key Operations Recorded by CTS
SecMaster Operations Recorded by CTS
Viewing CTS Traces in the Trace List
Best Practices
Log Access and Transfer Operation Guide
Solution Overview
Resource Planning
Process Flow
Procedure
(Optional) Step 1: Buy an ECS
(Optional) Step 2: Buy a Data Disk
(Optional) Step 3: Attach a Data Disk
Step 4: Create a Non-administrator IAM User
Step 5: Configure Network Connection
Step 6: Install the Component Controller (isap-agent)
Step 7: Install the Log Collection Component (Logstash)
(Optional) Step 8: Creating a Log Storage Pipeline
Step 9: Configure a Connector
(Optional) Step 10: Configure a Log Parser
Step 11: Configure a Log Collection Channel
Step 12: Verify Log Access and Transfer
Credential Leakage Response Solution
API Reference
Before You Start
API Overview
Calling APIs
Making an API Request
Authentication
Response
API
Alert Management
Searching for an Alert List
Creating an Alert Rule
Deleting an Alert
Converting an Alert to an Incident
Querying Alert Detail
Updating an Alert
Incident Management
Querying the Incident List
Creating an Incident
Deleting an Incident
Obtaining Details of an Incident
Updating an Incident
Indicator Management
Query the intelligence indicator list
Creating an Indicator
Deleting an Indicator
Querying Indicator Details
Updating Indicators
Playbook Management
Playbook Running Monitoring
Querying Playbook Statistic Data
Querying the Playbook List
Creating a Playbook
Querying Playbook Details
Deleting a Playbook
Modifying a Playbook
Alert Rule Management
Listing Alert Rules
Creating an Alert Rule
Deleting an Alert Rule
Querying an Alert Rule
Updating an Alert Rule
Simulating an Alert Rule
Total number of alert rules
Enabling an Alert Rule
Disabling an Alert Rule
Listing Alert Rule Templates
Viewing Alert Rule Templates
Playbook Version Management
Cloning a Playbook and Its Version
Querying the Playbook Version List
Creating a Playbook Version
Querying Playbook Version Details
Deleting a Playbook Version
Updated the playbook version
Playbook Rule Management
Querying Playbook Rule Details
Deleting a Playbook Rule
Creating a Playbook Rule
Updating a Playbook Rule
Playbook Instance Management
Querying the Playbook Instance List
Querying Playbook Instance Details
Operation Playbook Instance
Querying the Playbook Topology
Querying Playbook Instance Audit Logs
Playbook Approval Management
Reviewing a Playbook
Querying Playbook Review Result
Playbook Action Management
Querying the Playbook Workflow
Creating a Playbook Action
Delete Playbook Action
Updating a Playbook Workflow
Incident Relationship Management
Querying the Associated Data Object List
Associating a Data Object
Canceling Association with a Data Object
Data Class Management
Querying the Data Class List
Querying the Data Class List
Workflow Management
Querying the Workflow List
Data Space Management
Creating a Data Space
Pipelines
Creating a Data Pipeline
Workspace Management
Creating a Workspace
Querying the Workspace List
Metering and Billing
On-Demand Subscription of SecMaster
Metric Query
Querying Metrics in Batches
Baseline Inspection
Search Baseline Check Results
Appendix
Status Codes
Error Codes
Obtaining a Project ID
About Metrics
FAQs
Product Consulting
What Are the Dependencies and Differences Between SecMaster and Other Security Services?
What Are the Differences Between SecMaster and HSS?
What Are the Relationships and Differences Between SecMaster and SA?
Where Does SecMaster Obtain Its Data From?
About Purchase and Specifications Change
Why Cannot the Total ECS Quota Be Less Than the Number of Existing ECSs?
How Do I Obtain Permissions to Purchase SecMaster?
How Do I Change SecMaster Editions or Specifications?
Security Situation
How Do I Update My Security Score?
Why Is There No Attack Data or Only A Small Amount of Attack Data?
Why Is Data Inconsistent or Not Displayed on the Security Overview Page?
Threat Management
How Do I Handle a Brute-force Attack?
How Do I Check the Storage Space Used by All Logs?
Data Integration
How Long Are Logs Stored in SecMaster?
Data Collection
Why Did the Component Controller Failed to Be Installed?
How Are Collection Node or Collection Channel Faults Handled?
Which Commands Are Commonly Used for the Component Controller?
How Do I Release an ECS or VPC Endpoint?
Permissions Management
Can I Use SecMaster Across Accounts?
How Do I Grant Permissions to an IAM User?
Regions and AZs
What Are Regions and AZs?
Videos