Handling Attacks

Scenario

This section describes how to handle attacks. For attacks reported by other security products, you can handle, disable, or ignore alerts on SecMaster.

Closing an alert: If an alert has been manually handled, you can close it.
Ignoring an alert: If the risk of an alert is controllable, you can ignore the alert. The next time this type of alert is triggered, a new alert will be generated.

Handling Attacks

Log in to the SecMaster console.
Click in the upper left corner of the management console and select a region or project.
Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.

Figure 1 Workspace management page
In the navigation pane on the left, choose Threats > Alerts.

Figure 2 Alerts
On the Alerts page, click the Attack tab.
In the alert list, locate the row that contains the target alert, click Dispose in the Operation column. The configuration page is displayed on the right.

You can also go to the details page of the target alert and click Handle in the upper right corner of the page.

On the handling configuration page, set attack handling parameters.

**Table 1** Parameter description
Parameter	Description
Handling Method	I already handled it: If an alert has been manually handled, you can close it. Ignore: If the risk of an alert is controllable, you can ignore the alert. The next time this type of alert is triggered, a new alert will be generated.
Batch Handle	Handle the alerts of the same type but that were generated at different times all at once.: Select this option if you want to merge alerts of the same type but that were generated at different times all at once.
Remarks	Enter the remarks for handling the attack alarm as required.

After the configuration is complete, click OK. The Alert handled message is displayed.
On the displayed page, click OK.

Related Operations

View attacks. For details, see Viewing Attack Details.
Export attacks. For details, see Exporting Attacks.
For details about the differences between alerts and attacks, see Overview.

Parent topic: Alerts

Previous topic: Importing and Exporting Alerts

Next topic: Indicators

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel