Viewing Application Protection
After application protection is enabled, you can view the application protection status and events on the application protection page.
Prerequisites
Application protection has been enabled. For details, see Enabling Application Protection.
Constraints
- Currently, only Linux servers are supported.
- So far, only Java applications can be protected.
- The premium, WTP, and container editions support operations related to application protection.
Viewing Protection Settings
- Log in to the management console.
- In the upper left corner of the page, select a region, click , and choose Security & Compliance > HSS.
- Choose Prevention > Application Protection. Click the Protected Servers tab.
If your servers are managed by enterprise projects, you can select an enterprise project to view or operate the asset and scan information.
Figure 1 Viewing protection settings
- Click the Protection Servers tab and check the server list. The server parameters are as follows.
Table 1 Parameter description Parameter
Description
Server Name/ID
Server name and ID
IP Address
Private IP address and EIP of the server
OS
Server OS
Server Group
Group that the server belongs to
Policy
Detection policies bound to the target server.
Protection Status
Protection status of a server
- Protected
- Unprotected
Microservice Protection
Microservice protection status. Its value can be:
- Active
- Installing
- Configuration pending
- Installation failed
RASP Protection.
RASP protection status. Its value can be:
- Installing
- Configuration pending
- Installation failed
Detected Attacks
Number of attacks detected by RASP.
Viewing Events
- Log in to the management console and go to the HSS page.
- Choose Table 2.
and click the Events tab. For details about the parameters, see To view the events of a server, click View Report in the Operation column of the target server.
If your servers are managed by enterprise projects, you can select an enterprise project to view or operate the asset and scan information.
Figure 2 Protection events
Table 2 Event parameters Parameter
Description
Severity
Alarm severity. You can search for servers by alarm severities.
- Critical
- High
- Medium
- Low
Server Name
Server that triggers an alarm
Alarm Name
Alarm name
Alarm Time
Time when an alarm is reported
Attack Source IP Address
IP address of the server that triggers the alarm
Attack Source URL
URL of the server that triggers the alarm
- You can click an alarm name to view the attack information (such as the request information and attack source IP address) and extended information (such as detection rule ID and description), and troubleshoot the problem accordingly.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.