Updated on 2024-04-11 GMT+08:00

Overview

SecMaster automatically executes the code written in playbooks to respond to alerts and incidents automatically. Some playbooks, however, still need custom settings for custom data processing. These include the playbooks for automatically updating alert names, reporting high-risk vulnerabilities, and reporting high-risk alerts.

This document describes how to customize settings and enable playbooks that require custom data processing.

Playbooks, Workflows, and Plug-ins

The relationships between playbooks, workflows, and plug-ins are as follows:

  • A playbook is a combination of workflows. Playbooks are used for complex data processing in many ways.
  • A workflow is a series of plug-in nodes combined to perform complex data processing.
  • A plug-in is the encapsulation of function code. It is the smallest unit of a playbook and implements a specific function.