- What's New
- Function Overview
- Service Overview
- Billing
- Getting Started
- User Guide
- Best Practices
- SDK Reference
-
FAQs
-
Product Consulting
- What Does SA Do?
- Why Is There No Attack Data or Only A Small Amount of Attack Data?
- What Is the Data Source of Situation Awareness?
- How Do I Get Information About the Most Vulnerable Assets?
- What Are the Dependencies and Differences Between SA and Other Security Services?
- What Are the Differences Between SA and HSS?
- Why Cannot the Total ECS Quota Be Less Than the Number of Existing ECSs?
- Can SA Be Used Across Accounts?
- How Do I Update My Security Score?
- How Do I Handle a Brute-force Attack?
- How Do I Assign Operation Permissions to an Account?
- How Do I Handle the 403 forbidden Error Reported by SA?
- Why Is the Event Data in SA Inconsistent with That in WAF and HSS?
- What Are Differences Between SA and SecMaster?
- Purchase Consulting
- Regions and AZs
-
Product Consulting
- Videos
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Edition Upgrade
- Permissions Management
- Editions
- Security Overview
- Resource Manager
- Threat Alarms
- Baseline Inspection
- Events
- Logs
- Integrations
- Settings
-
FAQs
-
Product Consulting
- What Does SA Do?
- Why Is There No Attack Data or Only A Small Amount of Attack Data?
- What Is the Data Source of Situation Awareness?
- How Do I Get Information About the Most Vulnerable Assets?
- What Are the Dependencies and Differences Between SA and Other Security Services?
- Why Cannot the Total ECS Quota Be Less Than the Number of Existing ECSs?
- How Do I Update My Security Score?
- How Do I Handle a Brute-force Attack?
- How Do I Assign Operation Permissions to an Account?
- Why Is the Event Data in SA Inconsistent with That in WAF and HSS?
- Purchase Consulting
-
Product Consulting
- Change History
-
User Guide (ME-Abu Dhabi Region)
- General Reference
Copied.
Managing Integrations
SA integrates a variety of security products to aggregate their detection data and manage all findings in one place.
If you want to aggregate events from other products, click My Recommendations in the upper right corner of the Integrations page and provide details about the product.
This topic walks you through how to manage security product integrations, including enabling and disabling a product integration.
Enabling an Integration
- Log in to the management console.
- Click in the upper left corner of the page and choose Security > Situation Awareness > Integrations.
Figure 1 Integrations
- Query the security products you want to aggregate in SA.
Select the Disabled Integrations tab and search for security products you want to enable. For more query methods, see Viewing Integrations.
- Start to receive events.
Locate the product whose detection data you want to receive in SA and enable the integration.
About 5 minutes after you enable an integration, you will receive the detection data reported by the product.
NOTE:To let SA receive the product events properly, ensure that the corresponding protection of the product has been enabled.
Disabling an Integration
- Query the security products that have been aggregated in SA.
Select the Enabled Integrations tab and search for security products you want. For more query methods, see Viewing the Integration List.
- Stop to receive results.
Locate the product whose detection data you no longer want to receive in SA and disable the integration.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot