Updated on 2025-06-25 GMT+08:00
Overview
Basic Concepts
- Template: SecMaster provides built-in analysis rule templates (including scenario description, model principles, handling suggestions, and usage restrictions). You can use the built-in templates to quickly create models.
- Model: Models are created from templates. SecMaster uses models to scan logs in pipelines. If SecMaster detects data that hits the trigger in a model, SecMaster generates an alert.
Scenarios
This section describes how to manage model templates.
- Viewing Model Templates: SecMaster provides a variety of scenario-based preset model templates. You can view the template details, including scenario description, model principles, handling suggestions, and usage restrictions.
- Creating and Editing a Model: SecMaster can use models to monitor log data in pipelines. If SecMaster detects the data that hits trigger conditions in a model, SecMaster generates an alert. You can create a model by referring to Creating an Alert Model Using a Preconfigured Model Template or Creating a Custom Alert Model. If the model information changes, you can update the model by referring to Editing a Model.
- Viewing a Model: You can view the severity of alerts a mode generated and the model list. In the model list, you can check the severity, name/ID, pipeline name, type, creation time, and upgrade time of each model.
- Managing Models: You can enable, disable, and delete a model.
Parent topic: Intelligent Modeling
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
The system is busy. Please try again later.
