Managing the Alarm Whitelist

Adding Events to the Alarm Whitelist

When handling an alarm event, you can select Add it to alarm whitelist.

Checking the Alarm Whitelist

Perform the following steps to check the alarm whitelist:

1. Log in to the management console.
2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > HSS.
3. In the navigation pane on the left, choose Detection & Response > Whitelists.
   

   If your servers are managed by enterprise projects, you can select an enterprise project to view or operate the asset and scan information.

4. Click the Alarm Whitelist tab to view the whitelist. For more information, see Table 1.
   Figure 1 Alarm whitelist
   

   Table 1 Alarm whitelist parameters

   Parameter Name	Description
   Alarm Type	Name of the alarm whitelist type.
   Whitelist Field	Whitelisted file field
   Wildcard	Logic used by a whitelisted rule, which can be equal or include.
   Description	Description of the whitelist.
   Whitelist Rule	Whitelisted rule ID
   Added	Time when an alarm is added to the whitelist.
   Enterprise Project	Enterprise project
   Occurrences Today	Number of times that alarm events meet the whitelist conditions today.
   Total Occurrences	Total number of times that alarm events meet the whitelist conditions. By default, this parameter is not displayed.

Related Operations

Removing alarms from the whitelist

To remove an alarm from the whitelist, select it and click Delete.

• Exercise caution when performing this operation. Whitelisted alarms cannot be restored after removal, and will be reported once triggered.
• When an alarm is removed from the whitelist, you can select Clear Associated Alarms to update the handling status of all alarm events associated with the whitelist item.