SecMaster
SecMaster

    All results for "" in this service

      All results for "" in this service

      • What's New
      • Function Overview
      • Technology Poster
        • Infographics
          • Getting to Know Huawei Cloud SecMaster: A Next-Generation Cloud Security Operations Center
          • SecMaster: Enjoy Out-of-the-Box Security Operations
          • SecMaster Core Functions: Asset Management and Log Collection
          • Struggling with Security Compliance? SecMaster Baseline Inspection: One-Click Security Compliance and Custom Compliance Packs, Making It Easy to Win
      • Service Overview
        • SecMaster Infographic
        • What Is SecMaster?
        • Product Advantages
        • Application Scenarios
        • Edition Differences
        • Functions
        • Personal Data Protection
        • Experience Packages
          • Built-in Check Items
          • Preconfigured Playbooks
          • Preset Types
        • Limitations and Constraints
        • Security
          • Shared Responsibilities
          • Identity Authentication and Access Control
          • Data Protection Technologies
          • Audit Logs
          • Service Resilience
          • Using Cloud Eye to Monitor SecMaster
            • Events Supported by Event Monitoring
            • Creating an Alarm Rule and Notification for Event Monitoring
          • Certificates
          • Security Orchestration
        • Permissions Management
        • SecMaster and Other Services
        • Basic Concepts
          • SOC
          • Security Overview and Situation Overview
          • Workspaces
          • Alert Management
          • Security Orchestration
          • Security Analysis
      • Billing
        • Billing Overview
        • Billing Items
        • Billing Modes
          • Overview
          • Yearly/Monthly Billing
          • Pay-per-Use Billing
        • Billing Examples
        • Changing the Billing Mode
          • Overview
          • Changing the Billing Mode from Pay-per-Use to Yearly/Monthly
        • Renewing Your Subscription
          • Overview
          • Manually Renewing SecMaster
          • Auto-renewing SecMaster
        • Bills
        • About Arrears
        • Billing Termination
        • Cost Management
        • Billing FAQs
          • How Is SecMaster Billed?
          • Can I Use SecMaster for Free?
          • How Do I Change or Disable Auto Renewal for SecMaster?
          • Will SecMaster Be Billed After It Expires?
          • How Do I Renew SecMaster?
          • Where Can I Unsubscribe from SecMaster?
          • Where Can I View the Remaining Quotas of Security Data Collection and Security Data Packages?
          • Can I Change the Billing Mode for SecMaster?
      • Getting Started
        • How to Buy and Use SecMaster Basic Edition
        • How to Buy and Use SecMaster Standard Edition
        • How to Buy and Use SecMaster Professional Edition
        • Getting Started Through Common Practices
      • User Guide
        • Buying SecMaster
          • Buying SecMaster
          • Buying Value-Added Packages
          • Upgrading the Service Edition
          • Increasing Quotas
        • Authorizing SecMaster
        • Checking Security Overview
        • Workspaces
          • Workspace Overview
          • Creating a Workspace
          • Managing Workspaces
            • Viewing a Workspace
            • Editing a Workspace
            • Deleting a Workspace
            • Managing Workspace Tags
          • Workspace Agencies
            • Creating a Workspace Agency
            • Managing Agencies
        • Multi-Account Management
        • Viewing Purchased Resources
        • Security Governance
          • Security Governance Overview
          • Security Compliance Pack Description
          • Authorizing SecMaster to Access Cloud Service Resources
          • Subscribing to or Unsubscribing from a Compliance Pack
          • Starting a Self-Assessment
          • Viewing Security Compliance Overview
          • Viewing Evaluation Results
          • Viewing Policy Scanning Results
          • Downloading a Compliance Report
        • Situation Awareness
          • Checking the Situation Overview
          • Checking Security Situation through Large Screens
            • Large Screen Overview
            • Overall Situation Screen
            • Monitoring Statistics Screen
            • Asset Security Screen
            • Threat Situation Screen
            • Vulnerable Assets Screen
          • Security Reports
            • Creating and Copying a Security Report
            • Checking a Security Report
            • Downloading a Security Report
            • Managing Security Reports
          • Task Center
            • Viewing To-Do Tasks
            • Handling a To-Do Task
            • Viewing Completed Tasks
          • AI Risk Overview
        • Resource Manager
          • Overview
          • Configuring the Asset Subscription
          • Viewing Asset Information
          • Importing and Exporting Assets
          • Editing or Deleting an Asset
        • Risk Prevention
          • Baseline Inspection
            • Overview
            • Starting an Immediate Baseline Check
            • Performing a Scheduled Baseline Check
            • Performing a Manual Baseline Check
            • Viewing Baseline Check Results
            • Handling Check Results
            • Managing Compliance Packs
            • Managing Check Items
            • Managing Check Plans
          • Vulnerabilities
            • Overview
            • Viewing Vulnerability Details
            • Fixing Vulnerabilities
            • Ignoring and Unignoring a Vulnerability
            • Importing and Exporting Vulnerabilities
          • Security Policies
            • Overview
            • Viewing and Configuring Defense Policies
            • Adding an Emergency Policy
            • Managing Emergency Policies
          • Viewing and Exporting Emergency Vulnerability Notices
        • Threats
          • Incidents
            • Viewing Incidents
            • Adding and Editing an Incident
            • Importing and Exporting Incidents
            • Closing and Deleting an Incident
          • Alerts
            • Overview
            • Viewing Alert Details
            • Suggestions on Handling Common Alerts
            • Converting an Alert into an Incident or Associating an Alert with an Incident
            • One-Click Blocking or Unblocking
            • Closing and Deleting an Alert
            • Adding and Editing an Alert
            • Importing and Exporting Alerts
            • Handling Attacks
          • Indicators
            • Overview
            • Adding and Editing an Indicator
            • Closing and Deleting an Indicator
            • Importing and Exporting Indicators
            • Viewing Indicators
        • Log Audit
          • Log Audit Overview
            • Checking Log Audit Overview
          • Security Analysis
            • Overview
            • Configuring Indexes
            • Querying and Analyzing Logs
            • Log Fields
            • Quickly Adding a Log Alert Model
            • Viewing Results in a Chart
            • Downloading or Exporting Logs
            • Managing Data Spaces
            • Managing Pipelines
            • Enabling Data Consumption
            • Enabling Data Monitoring
          • Query and Analysis Syntax - V1
            • Overview
            • Query Statements
            • Analysis Statements
              • SELECT
              • GROUP BY
              • HAVING
              • ORDER BY
              • LIMIT
              • Functions
              • Aggregate Functions
          • Query and Analysis Syntax - V2
            • Overview
            • Retrieval SQL Syntax Reference
              • Overview
              • Query Statements
              • Analysis Statements
                • SELECT
                • GROUP BY
                • HAVING
                • ORDER BY
                • LIMIT
                • Functions
                • Aggregate Functions
            • SecMaster SQL Syntax Reference
              • Supported Data Types
              • Syntax
                • Data Query Language (DQL) Syntax
              • Data Query Language (DQL) Syntax
                • WITH
                • SELECT
                • UNION
                • Union/Union ALL
                • PROCTIME
                • Window
                • JOIN
                • OrderBy & Limit
                • Top-N
                • Deduplication
                • Reserved Keywords
            • Functions
              • Comparison Functions
              • Logical Functions
              • Arithmetic Functions
              • String Functions
              • Temporal Functions
              • Conditional Functions
              • Type Conversion Functions
              • Collection Functions
              • Hash Functions
              • Aggregate Functions
          • Data Delivery
            • Overview
            • Delivering Logs to Other Data Pipelines
            • Delivering Logs to OBS
            • Delivering Logs to LTS
            • Managing Data Delivery
          • Cloud Service Access
            • Cloud Service Log Access Supported by SecMaster
            • Enabling Log Access
          • Log Data Collection
            • Overview
            • Adding a Node
            • Partitioning a Disk
            • Configuring a Component
            • Adding a Connection
            • Creating and Editing a Parser
            • Adding and Editing a Collection Channel
            • Verifying Log Collection
            • Managing Connections
            • Managing Parsers
            • Managing Collection Channels
            • Viewing Collection Nodes
            • Managing Nodes and Components
            • Logstash Configuration Description
            • Connector Rules
            • Parser Rules
            • Upgrading the Component Controller
        • Modeling Analysis
          • Intelligent Modeling
            • Overview
            • Viewing Model Templates
            • Creating and Editing a Model
            • Viewing a Model
            • Managing Models
        • Security Orchestration
          • Overview
          • Playbooks
            • Enabling a Workflow
            • Enabling a Playbook
            • Managing Workflows
            • Managing Workflow Versions
            • Managing Playbooks
            • Managing Playbook Versions
            • Managing an Operation Connection
            • Viewing Monitored Playbook Instances
          • Objects
            • Overview
            • Viewing Data Classes
            • Managing Alert Types
            • Managing Incident Types
            • Viewing Threat Intelligence Types
            • Managing Vulnerability Types
            • Viewing Custom Types
            • Managing Categorical Mappings
          • Creating a Custom Layout
            • Viewing Layouts
            • Viewing a Layout Template
          • Viewing Plug-in Details
          • Directory Customization
        • Playbook Overview
          • Ransomware Incident Response Solution
          • Attack Link Analysis Alert Notification
            • Playbook Overview
            • Configuring Playbooks
          • HSS Isolation and Killing of Malware
            • Playbook Overview
            • Configuring Playbooks
          • Automatic Renaming of Alert Names
          • Auto High-Risk Vulnerability Notification
          • Automatic Notification of High-Risk Alerts
          • Auto Blocking for High-risk Alerts
          • Real-time Notification of Critical Organization and Management Operations
        • Permissions Management
          • Creating a User and Granting Permissions
          • SecMaster Custom Policies
          • SecMaster Permissions and Supported Actions
        • Key Operations Recorded by CTS
          • SecMaster Operations Recorded by CTS
          • Viewing CTS Traces in the Trace List
      • Best Practices
        • Log Access and Transfer Operation Guide
          • Solution Overview
          • Resource Planning
          • Process Flow
          • Procedure
            • (Optional) Step 1: Buy an ECS
            • (Optional) Step 2: Buy a Data Disk
            • (Optional) Step 3: Attach a Data Disk
            • Step 4: Create a Non-administrator IAM User
            • Step 5: Configure Network Connection
            • Step 6: Install the Component Controller (isap-agent)
            • Step 7: Install the Log Collection Component (Logstash)
            • (Optional) Step 8: Creating a Log Storage Pipeline
            • Step 9: Configure a Connector
            • (Optional) Step 10: Configure a Log Parser
            • Step 11: Configure a Log Collection Channel
            • Step 12: Verify Log Access and Transfer
          • Application Examples
            • Connecting EulerOS Logs to SecMaster
            • Integrating Windows Configuration Logs into SecMaster
            • Integrating AWS ALB Logs into SecMaster
        • Credential Leakage Response Solution
      • API Reference
        • Before You Start
        • API Overview
        • Calling APIs
          • Making an API Request
          • Authentication
          • Response
        • API
          • Alert Management
            • Querying the Alert List
            • Creating an Alert
            • Deleting an Alert
            • Converting an Alert into an Incident
            • Obtain Alert Details
            • Updating an Alert
          • Incident Management
            • Querying the Incident List
            • Creating an Incident
            • Deleting an Incident
            • Querying Details About an Incident
            • Updating an Incident
          • Threat Indicator Management
            • Querying the Indicator List
            • Creating a Threat Indicator
            • Deleting a Threat Indicator
            • Querying Details About a Threat Indicator
            • Updating a Threat Indicator
          • Playbook Management
            • Monitoring Playbook Running
            • Querying Playbook Statistics Data
            • Querying the Playbook List
            • Creating a Playbook
            • Querying Playbook Details
            • Deleting a Playbook
            • Modifying a Playbook
          • Alert Rule Management
            • Listing Alert Rules
            • Creating an Alert Rule
            • Deleting an Alert Rule
            • Querying an Alert Rule
            • Updating an Alert Rule
            • Simulating an Alert Rule
            • Total number of alert rules.
            • Enabling an Alert Rule
            • Disabling an Alert Rule
            • Querying the Alert Rule Template List
            • Viewing Alert Rule Templates
          • Playbook Version Management
            • Cloning a Playbook and Its Version
            • Querying the Playbook Version List
            • Creating a Playbook Version
            • Querying Playbook Version Details
            • Deleting a Playbook Version
            • Updating a Playbook Version
          • Playbook Rule Management
            • Querying Playbook Rule Details
            • Deleting a Playbook Rule
            • Creating a Playbook Rule
            • Updating a Playbook Rule
          • Playbook Instance Management
            • Querying the Playbook Instance List
            • Querying Details About a Playbook Instance
            • Operating a Playbook Instance
            • Querying the Playbook Topology
            • Querying Review Logs of a Playbook Instance
          • Playbook Review Management
            • Reviewing a Playbook
            • Querying the Playbook Review Result
          • Playbook Workflow Management
            • Querying the Playbook Workflow
            • Creating a Playbook Workflow
            • Deleting a Playbook Workflow
            • Updating a Playbook Workflow
          • Incident Relationship Management
            • Querying the List of Associated Data Objects
            • Associating with a Data Object
            • Canceling the Association with a Data Object
          • Data Class Management
            • Querying the Data Class List
            • Querying the Field List
          • Workflow Management
            • Querying the Workflow List
          • Data Space Management
            • Creating a Data Space
          • Pipeline Management
            • Creating a Data Pipeline
          • Workspace Management
            • Creating a Workspace
            • Querying the Workspace List
            • Updating a Workspace
            • Querying Details About a Workspace
            • Deleting a Workspace
          • Metering and Billing
            • Subscribing to Pay-per-Use SecMaster
          • Querying Metrics
            • Batch Querying Metrics
          • Baseline Inspection
            • Querying the List of Baseline Inspection Results
        • Appendix
          • Status Codes
          • Error Codes
          • Obtaining a Project ID
          • About Metrics
      • FAQs
        • Product Consulting
          1. What Are the Dependencies and Differences Between SecMaster and Other Security Services?
          2. What Are the Differences Between SecMaster and HSS?
          3. What Are the Relationships and Differences Between SecMaster and SA?
          4. Where Does SecMaster Obtain Its Data From?
        • About Purchase and Specifications Change
          1. Why Cannot the Total ECS Quota Be Less Than the Number of Existing ECSs?
          2. How Do I Obtain Permissions to Purchase SecMaster?
          3. How Do I Change SecMaster Editions or Specifications?
          4. How Do I Upgrade SA to SecMaster?
        • Security Situation
          1. How Do I Update My Security Score?
          2. Why Is There No Attack Data or Only A Small Amount of Attack Data?
          3. Why Is Data Inconsistent or Not Displayed on the Security Overview Page?
        • Risk Prevention
          1. What Is the Difference Between a Baseline and a Vulnerability?
          2. How Do I Handle Vulnerabilities?
          3. Why Is an Alert Still Reported After I Fixed a Vulnerability?
          4. Do I Need to Restart a Server After Its Vulnerabilities Are Fixed?
          5. What Is the Sequence of Fixing Vulnerabilities in Batches?
        • Threat Management
          1. How Do I Handle a Brute-force Attack?
          2. How Do I Check the Storage Space Used by All Logs?
        • Data Integration
          1. How Long Are Logs Stored in SecMaster?
        • Data Collection
          1. Why Did the Component Controller Fail to Be Installed?
          2. How Are Collection Node or Collection Channel Faults Handled?
          3. Which Commands Are Commonly Used for the Component Controller?
          4. How Do I Release an ECS or VPC Endpoint?
        • Permissions Management
          1. Can I Use SecMaster Across Accounts?
          2. How Do I Grant Permissions to an IAM User?
        • Regions and AZs
          1. What Are Regions and AZs?
          2. Why Is the Region Selection Box Displayed for Global-Level Projects?
      • More Documents
        • User Guide (ME-Abu Dhabi Region)
          • Service Overview
            • What Is SecMaster?
            • Product Advantages
            • Application Scenarios
            • Functions
            • Experience Packages
              • Preconfigured Playbooks
            • Billing
            • Permissions Management
            • SecMaster and Other Services
            • Basic Concepts
              • SOC
              • Security Overview and Situation Overview
              • Workspaces
              • Alert Management
              • Security Orchestration
              • Security Analysis
          • Buying SecMaster
            • Buying SecMaster
            • Purchasing Value-Added Packages
            • Increasing Quotas
            • Unsubscribing from SecMaster
          • Authorizing SecMaster
          • Viewing Security Overview
          • Workspaces
            • Workspace Overview
            • Creating a Workspace
            • Managing Workspaces
              • Viewing a Workspace
              • Editing a Workspace
              • Deleting a Workspace
              • Managing Workspace Tags
          • Viewing Purchased Resources
          • Security Governance
            • Security Governance Overview
            • Security Compliance Pack Description
            • Authorizing SecMaster to Access Cloud Service Resources
            • Subscribing to or Unsubscribing from a Compliance Pack
            • Starting a Self-Assessment
            • Viewing Security Compliance Overview
            • Viewing Evaluation Results
            • Viewing Policy Scanning Results
            • Downloading a Compliance Report
          • Security Situation
            • Checking the Situation Overview
            • Checking Security Situation through Large Screens
              • Large Screen Overview
              • Overall Situation Screen
              • Monitoring Statistics Screen
              • Asset Security Screen
              • Threat Situation Screen
              • Vulnerable Assets Screen
            • Security Reports
              • Creating and Copying a Security Report
              • Viewing a Security Report
              • Downloading a Security Report
              • Managing Security Reports
            • Task Center
              • Viewing To-Do Tasks
              • Handling a To-Do Task
              • Viewing Completed Tasks
          • Resource Manager
            • Overview
            • Configuring the Asset Subscription
            • Viewing Asset Information
            • Importing and Exporting Assets
            • Editing or Deleting an Asset
          • Risk Prevention
            • Baseline Inspection
              • Baseline Inspection Overview
              • Starting an Immediate Baseline Check
              • Performing a Scheduled Baseline Check
              • Performing a Manual Baseline Check
              • Viewing Baseline Check Results
              • Handling Check Results
              • Managing Compliance Packs
              • Managing Check Items
            • Vulnerability Management
              • Overview
              • Viewing Vulnerability Details
              • Fixing Vulnerabilities
              • Ignoring and Unignoring a Vulnerability
              • Importing and Exporting Vulnerabilities
            • Policy Management
              • Overview
              • Adding an Emergency Policy
              • Managing Emergency Policies
              • Batch Blocking and Canceling Batch Blocking of an IP Address or IP Address Range
          • Threat Operations
            • Incident Management
              • Viewing Incidents
              • Adding and Editing an Incident
              • Importing and Exporting Incidents
              • Closing and Deleting an Incident
            • Alert Management
              • Overview
              • Viewing Alert Details
              • Converting an Alert into an Incident or Associating an Alert with an Incident
              • One-click Blocking or Unblocking
              • Closing and Deleting an Alert
              • Adding and Editing an Alert
              • Importing and Exporting Alerts
            • Indicator Management
              • Adding and Editing an Indicator
              • Closing and Deleting an Indicator
              • Importing and Exporting Indicators
              • Viewing Indicators
            • Intelligent Modeling
              • Viewing Model Templates
              • Creating and Editing a Model
              • Viewing a Model
              • Managing Models
            • Security Analysis
              • Security Analysis Overview
              • Configuring Indexes
              • Querying and Analyzing Logs
              • Log Fields
              • Quickly Adding a Log Alert Model
              • Viewing Results in a Chart
              • Downloading Logs
              • Managing Data Spaces
              • Managing Pipelines
              • Enabling Data Consumption
              • Enabling Data Monitoring
            • Query and Analysis Syntax
              • Query and Analysis Syntax Overview
              • Query Statements
              • Analysis Statements
                • SELECT
                • GROUP BY
                • HAVING
                • ORDER BY
                • LIMIT
                • Functions
                • Aggregate Functions
            • Data Delivery
              • Data Delivery Overview
              • Delivering Logs to Other Data Pipelines
              • Delivering Logs to OBS
              • Delivering Logs to LTS
              • Managing Data Delivery
          • Security Orchestration
            • Security Orchestration Overview
            • Playbook Orchestration Management
              • Enabling a Workflow
              • Enabling a Playbook
              • Managing Workflows
              • Managing Workflow Versions
              • Managing Playbooks
              • Managing Playbook Versions
              • Managing Asset Connections
              • Viewing Monitored Playbook Instances
            • Operation Object Management
              • Operation Object Management Overview
              • Viewing Data Classes
              • Managing Alert Types
              • Managing Incident Types
              • Managing Threat Intelligence Types
              • Managing Vulnerability Types
              • Managing Custom Types
              • Managing Categorical Mappings
            • Creating a Custom Layout
              • Managing Layouts
              • Viewing a Layout Template
            • Viewing Plug-in Details
          • Settings
            • Data Integration
              • Cloud Service Log Access Supported by SecMaster
              • Enabling Log Access
            • Log Data Collection
              • Data Collection Overview
              • Adding a Node
              • Configuring a Component
              • Adding a Connection
              • Creating and Editing a Parser
              • Adding and Editing a Collection Channel
              • Managing Connections
              • Managing Parsers
              • Managing Collection Channels
              • Viewing Collection Nodes
              • Managing Nodes and Components
              • Partitioning a Disk
              • Logstash Configuration Description
              • Connector Rules
              • Parser Rules
              • Upgrading the Component Controller
            • Customizing Directories
          • Permissions Management
            • Creating a User and Granting Permissions
            • SecMaster Custom Policies
            • SecMaster Permissions and Supported Actions
          • FAQs
            • Product Consulting
              • What Are the Dependencies and Differences Between SecMaster and Other Security Services?
              • What Are the Differences Between SecMaster and HSS?
              • Where Does SecMaster Obtain Its Data From?
            • About Purchase and Specifications Change
              • How Do I Change SecMaster Editions or Specifications?
              • How Is SecMaster Billed?
              • Can I Unsubscribe from SecMaster?
            • Security Situation
              • How Do I Update My Security Score?
              • Why Is There No Attack Data or Only A Small Amount of Attack Data?
              • Why Is Data Inconsistent or Not Displayed on the Security Overview Page?
            • Threat Management
              • How Do I Handle a Brute-force Attack?
              • How Do I Check the Storage Space Used by All Logs?
            • Data Collection
              • Why Did the Component Controller Fail to Be Installed?
              • How Are Collection Node or Collection Channel Faults Handled?
              • Which Commands Are Commonly Used for the Component Controller?
              • How Do I Release an ECS or VPC Endpoint?
            • Permissions Management
              • How Do I Grant Permissions to an IAM User?
          • Change History
        • User Guide (Kuala Lumpur Region)
          • Service Overview
            • What Is SecMaster?
            • Product Advantages
            • Application Scenarios
            • Functions
            • Personal Data Protection
            • Experience Packages
              • Preconfigured Playbooks
            • Permissions Management
            • SecMaster and Other Services
            • Basic Concepts
              • SOC
              • Security Overview and Situation Overview
              • Workspaces
              • Alert Management
              • Security Orchestration
              • Security Analysis
          • Applying for SecMaster
          • Authorizing SecMaster
          • Checking Security Overview
          • Workspaces
            • Workspace Overview
            • Creating a Workspace
            • Managing Workspaces
              • Viewing a Workspace
              • Editing a Workspace
              • Deleting a Workspace
              • Managing Workspace Tags
            • Workspace Agencies
              • Creating a Workspace Agency
              • Managing Agencies
          • Viewing Purchased Resources
          • Security Situation
            • Checking the Situation Overview
            • Checking Security Situation through Large Screens
              • Large Screen Overview
              • Overall Situation Screen
              • Monitoring Statistics Screen
              • Asset Security Screen
              • Threat Situation Screen
              • Vulnerable Assets Screen
            • Security Reports
              • Creating and Copying a Security Report
              • Viewing a Security Report
              • Downloading a Security Report
              • Managing Security Reports
            • Task Center
              • Viewing To-Do Tasks
              • Handling a To-Do Task
              • Viewing Completed Tasks
          • Resource Manager
            • Overview
            • Configuring the Asset Subscription
            • Viewing Asset Information
            • Importing and Exporting Assets
            • Editing or Deleting an Asset
          • Risk Prevention
            • Baseline Inspection
              • Overview
              • Starting an Immediate Baseline Check
              • Performing a Scheduled Baseline Check
              • Performing a Manual Baseline Check
              • Viewing Baseline Check Results
              • Handling Check Results
              • Managing Compliance Packs
              • Managing Check Items
              • Managing Check Plans
            • Vulnerabilities
              • Overview
              • Viewing Vulnerability Details
              • Fixing Vulnerabilities
              • Ignoring and Unignoring a Vulnerability
              • Importing and Exporting Vulnerabilities
            • Security Policies
              • Overview
              • Adding a Security Policy
              • Managing Security Policies
          • Threats
            • Incidents
              • Viewing Incidents
              • Adding and Editing an Incident
              • Importing and Exporting Incidents
              • Closing and Deleting an Incident
            • Alerts
              • Overview
              • Viewing Alert Details
              • Converting an Alert into an Incident or Associating an Alert with an Incident
              • One-Click Blocking or Unblocking
              • Closing and Deleting an Alert
              • Adding and Editing an Alert
              • Importing and Exporting Alerts
              • Handling Attacks
            • Indicators
              • Overview
              • Adding and Editing an Indicator
              • Closing and Deleting an Indicator
              • Importing and Exporting Indicators
              • Viewing Indicators
            • Intelligent Modeling
              • Overview
              • Viewing Model Templates
              • Creating and Editing a Model
              • Viewing a Model
              • Managing Models
            • Security Analysis
              • Overview
              • Configuring Indexes
              • Querying and Analyzing Logs
              • Log Fields
              • Quickly Adding a Log Alert Model
              • Viewing Results in a Chart
              • Downloading or Exporting Logs
              • Managing Data Spaces
              • Managing Pipelines
              • Enabling Data Consumption
              • Enabling Data Monitoring
            • Query and Analysis Syntax
              • Overview
              • Query Statements
              • Analysis Statements
                • SELECT
                • GROUP BY
                • HAVING
                • ORDER BY
                • LIMIT
                • Functions
                • Aggregate Functions
            • Data Delivery
              • Overview
              • Delivering Logs to Other Data Pipelines
              • Delivering Logs to OBS
              • Delivering Logs to LTS
              • Managing Data Delivery
          • Security Orchestration
            • Overview
            • Playbooks
              • Enabling a Workflow
              • Enabling a Playbook
              • Managing Workflows
              • Managing Workflow Versions
              • Managing Playbooks
              • Managing Playbook Versions
              • Managing an Asset Connection
              • Viewing Monitored Playbook Instances
            • Objects
              • Overview
              • Viewing Data Classes
              • Managing Alert Types
              • Managing Incident Types
              • Managing Threat Intelligence Types
              • Managing Vulnerability Types
              • Managing Custom Types
              • Managing Categorical Mappings
            • Creating a Custom Layout
              • Managing Layouts
              • Viewing a Layout Template
            • Viewing Plug-in Details
          • Settings
            • Data Integration
              • Cloud Service Log Access Supported by SecMaster
              • Enabling Log Access
            • Log Data Collection
              • Overview
              • Data Collection Process
              • Adding a Node
              • Partitioning a Disk
              • Configuring a Component
              • Adding a Connection
              • Creating and Editing a Parser
              • Adding and Editing a Collection Channel
              • Verifying Log Collection
              • Managing Connections
              • Managing Parsers
              • Managing Collection Channels
              • Viewing Collection Nodes
              • Managing Nodes and Components
              • Logstash Configuration Description
              • Connector Rules
              • Parser Rules
              • Upgrading the Component Controller
            • Directory Customization
          • Permissions Management
            • SecMaster Custom Policies
            • SecMaster Permissions and Supported Actions
          • FAQs
            • Product Consulting
              • What Are the Dependencies and Differences Between SecMaster and Other Security Services?
              • What Are the Differences Between SecMaster and HSS?
              • Where Does SecMaster Obtain Its Data From?
            • Security Situation
              • How Do I Update My Security Score?
              • Why Is There No Attack Data or Only A Small Amount of Attack Data?
              • Why Is Data Inconsistent or Not Displayed on the Security Overview Page?
            • Threat Management
              • How Do I Handle a Brute-force Attack?
              • How Do I Check the Storage Space Used by All Logs?
            • Data Collection
              • Why Did the Component Controller Fail to Be Installed?
              • How Are Collection Node or Collection Channel Faults Handled?
              • Which Commands Are Commonly Used for the Component Controller?
            • Permissions Management
              • How Do I Grant Permissions to an IAM User?
          • Change History
        • API Reference (Kuala Lumpur Region)
          • Before You Start
          • API Overview
          • Calling APIs
            • Making an API Request
            • Authentication
            • Response
          • API
            • Alert Management
              • Querying the Alert List
              • Creating an Alert
              • Deleting an Alert
              • Converting an Alert into an Incident
              • Obtain Alert Details
              • Updating an Alert
            • Incident Management
              • Querying the Incident List
              • Creating an Incident
              • Deleting an Incident
              • Querying Details About an Incident
              • Updating an Incident
            • Threat Indicator Management
              • Querying the Indicator List
              • Creating a Threat Indicator
              • Deleting a Threat Indicator
              • Querying Details About a Threat Indicator
              • Updating a Threat Indicator
            • Playbook Management
              • Monitoring Playbook Running
              • Querying Playbook Statistics Data
              • Querying the Playbook List
              • Creating a Playbook
              • Querying Playbook Details
              • Deleting a Playbook
              • Modifying a Playbook
            • Alert Rule Management
              • Listing Alert Rules
              • Creating an Alert Rule
              • Deleting an Alert Rule
              • Querying an Alert Rule
              • Updating an Alert Rule
              • Simulating an Alert Rule
              • Total number of alert rules.
              • Enabling an Alert Rule
              • Disabling an Alert Rule
              • Querying the Alert Rule Template List
              • Viewing Alert Rule Templates
            • Playbook Version Management
              • Cloning a Playbook and Its Version
              • Querying the Playbook Version List
              • Creating a Playbook Version
              • Querying Playbook Version Details
              • Deleting a Playbook Version
              • Updating a Playbook Version
            • Playbook Rule Management
              • Querying Playbook Rule Details
              • Deleting a Playbook Rule
              • Creating a Playbook Rule
              • Updating a Playbook Rule
            • Playbook Instance Management
              • Querying the Playbook Instance List
              • Querying Details About a Playbook Instance
              • Operating a Playbook Instance
              • Querying the Playbook Topology
              • Querying Review Logs of a Playbook Instance
            • Playbook Review Management
              • Reviewing a Playbook
              • Querying the Playbook Review Result
            • Playbook Workflow Management
              • Querying the Playbook Workflow
              • Creating a Playbook Workflow
              • Deleting a Playbook Workflow
              • Updating a Playbook Workflow
            • Incident Relationship Management
              • Querying the List of Associated Data Objects
              • Associating with a Data Object
              • Canceling the Association with a Data Object
            • Data Class Management
              • Querying the Data Class List
              • Querying the Field List
            • Workflow Management
              • Querying the Workflow List
            • Data Space Management
              • Creating a Data Space
            • Pipeline Management
              • Creating a Data Pipeline
            • Workspace Management
              • Creating a Workspace
              • Querying the Workspace List
            • Metering and Billing
              • Subscribing to Pay-per-Use SecMaster
            • Querying Metrics
              • Batch Querying Metrics
            • Baseline Inspection
              • Querying the List of Baseline Inspection Results
          • Appendix
            • Status Codes
            • Error Codes
            • Obtaining a Project ID
            • About Metrics
          • Change History
      • Videos
      • General Reference
        • Glossary
        • Service Level Agreement
        • White Papers
        • Endpoints
        • Permissions