Help Center/ SecMaster/ User Guide/ Risk Prevention/ Baseline Inspection/ Performing a Scheduled Baseline Check
Updated on 2025-09-05 GMT+08:00
View PDF
Share

Performing a Scheduled Baseline Check

Scenarios

SecMaster can check whether your assets have risks based on baseline check plans. By default, every three days SecMaster automatically performs a baseline check on related assets in the current region under your account from 00:00 to 06:00 in accordance with compliance pack Cloud Security Compliance Check 1.0. This function is enabled by default. So there are no manual actions required.

You can customize the automatic inspection period, time, and scope to create custom check plans.

This document describes how to create a custom baseline check plan.

Limitations and Constraints

  • A compliance pack can be added to only one check plan.
  • SecMaster cannot execute check plans that include manual check items. So do not add compliance packs that include manual check items to a check plan. There are manual check items in DJCP 2.0 Level 3 Requirements, General Data Protection Regulation, PCI DSS, and NIST SP 800-53 compliance packs.
  • Baseline inspection for OS Configuration Baseline, Common Weak Password Detection, and Password Complexity Policy Detection compliance packs are performed in HSS instead of SecMaster. However, you can view check results in SecMaster. If you need to perform HSS baseline inspection, go to the HSS console and complete the inspection. For details, see Performing Baseline Inspection on HSS.
  • Auto check items in Cloud Security Compliance Check 1.0, Network Security, and Huawei Cloud Security Configuration compliance packs are supported.
  • The default check plan can be enabled or disabled only. No changes on its compliance packs or execution time can be made.

Procedure

  1. Log in to the SecMaster console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
  4. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.

    Figure 1 Workspace management page

  5. In the navigation pane on the left, choose Risk Prevention > Baseline Inspection. On the displayed page, click the Security Standards tab. Then, click the Check Plan tab.

    Figure 2 Accessing the Check Plan tab

  6. On the Check Plan tab, click Create Plan. The pane for creating a plan is displayed on the right.
  7. Configure a check plan.

    Table 1 Parameters for creating a check plan

    Parameter

    Description

    Basic Information

    Name

    Custom check plan name. It must meet the following requirements:

    • The plan name can contain only letters, digits, underscores (_), and hyphens (-).
    • Length: 1 to 255 characters.

    Schedule

    Select the check period and check triggering time from the drop-down list.

    • Schedule: every day, every 3 days, every 7 days, every 15 days, or every 30 days
    • Check start time: 00:00-06:00, 06:00-12:00, 12:00-18:00, or 18:00-24:00

    Select Compliance Pack

    Select the compliance pack you plan to use.

  8. Click OK.

    After the check plan is created, SecMaster performs cloud service baseline scanning at the specified time. You can choose Risk Prevention > Baseline Inspection to view the scan result.

Related Operations

You can view, edit, enable, disable, or delete a custom check plan. For details, see Managing Check Plans.

Parent topic: Baseline Inspection