Risk Monitoring
SecMaster has interconnected with Cloud Eye (CES). You can view SecMaster running indicators on the CES management console. Cloud Eye is a multi-dimensional monitoring platform provided by Huawei Cloud for a wide range of cloud resources. With Cloud Eye, you can learn about the resource usage and service running status on the cloud, receive alerts in a timely manner, and respond quickly to exceptions to keep your cloud services stable.
As a cloud security operation platform, SecMaster can access security alerts of other cloud services and display alerts by alert type and level. SecMaster can accurately monitor threats and attacks on the cloud in real time and detect security alert incidents in your assets. You can define and schedule threat alert notifications to learn about threats and risks in a timely manner. The notification items you can define include threat list, alert type, and risk severity. This feature helps you learn about your security status in a timely manner.
For details about how to enable and configure CTS, see Enabling CTS.
Incident Source |
Incident |
Alert Severity |
Description |
Handling Suggestion |
Impact |
|---|---|---|---|---|---|
SYS.SecMaster |
Failed to create an exclusive engine. |
Major |
The underlying resources are insufficient. |
Submit a service ticket to request adequate resources from the O&M personnel and try again. |
Tn exclusive engine cannot be created. |
SYS.SecMaster |
The exclusive engine is not running properly. |
Critical |
The traffic is too heavy or there are malicious processes or plug-ins. |
|
The instance cannot be executed. |
SYS.SecMaster |
Failed to execute the playbook instance. |
Minor |
Playbooks or processes are wrongly configured. |
Check the instance monitoring information to find the cause of the failure, and modify the playbook and process configuration. |
None |
SYS.SecMaster |
The number of playbook instances increases sharply. |
Minor |
Playbooks or processes are wrongly configured. |
Check the instance monitoring information to find the cause of the sharp increase, and modify the playbook and process configuration. |
None |
SYS.SecMaster |
Log messages increase sharply. |
Major |
The upstream service suddenly generates a large number of logs. |
Check whether the upstream service is normal. |
None |
SYS.SecMaster |
Log messages decrease sharply. |
Major |
Logs generated by the upstream service suddenly decrease. |
Check whether upstream services are normal. |
None |
For details about monitoring alerts, see:
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
