Halaman ini belum tersedia dalam bahasa lokal Anda. Kami berusaha keras untuk menambahkan lebih banyak versi bahasa. Terima kasih atas dukungan Anda.
SecMaster
SecMaster
- What's New
- Function Overview
- Service Overview
-
Billing
- Billing Overview
- Billing Modes
- Billing Items
- Billing Examples
- Changing the Billing Mode
- Renewing Your Subscription
- Bills
- About Arrears
- Billing Termination
- Cost Management
-
Billing FAQs
- How Is SecMaster Billed?
- Can I Use SecMaster for Free?
- How Do I Change or Disable Auto Renewal for SecMaster?
- Will SecMaster Be Billed After It Expires?
- How Do I Renew SecMaster?
- Where Can I Unsubscribe from SecMaster?
- Where Can I View the Remaining Quotas of Security Data Collection and Security Data Packages?
- Can I Change the Billing Mode for SecMaster?
- Getting Started
-
User Guide
- Buying SecMaster
- Authorizing SecMaster
- Checking Security Overview
- Workspaces
- Viewing Purchased Resources
-
Security Governance
- Security Governance Overview
- Security Compliance Pack Description
- Authorizing SecMaster to Access Cloud Service Resources
- Subscribing to or Unsubscribing from a Compliance Pack
- Starting a Self-Assessment
- Viewing Security Compliance Overview
- Viewing Evaluation Results
- Viewing Policy Scanning Results
- Downloading a Compliance Report
- Security Situation
- Resource Manager
- Risk Prevention
- Threats
- Security Orchestration
-
Playbook Overview
- Ransomware Incident Response Solution
- Attack Link Analysis Alert Notification
- HSS Isolation and Killing of Malware
- Automatic Renaming of Alert Names
- Auto High-Risk Vulnerability Notification
- Automatic Notification of High-Risk Alerts
- Auto Blocking for High-risk Alerts
- Real-time Notification of Critical Organization and Management Operations
-
Settings
- Data Integration
-
Log Data Collection
- Data Collection Overview
- Data Collection Process
- Adding a Node
- Configuring a Component
- Adding a Connection
- Creating and Editing a Parser
- Adding and Editing a Collection Channel
- Verifying Log Collection
- Managing Connections
- Managing Parsers
- Managing Collection Channels
- Viewing Collection Nodes
- Managing Nodes and Components
- Partitioning a Disk
- Logstash Configuration Description
- Connector Rules
- Parser Rules
- Upgrading the Component Controller
- Customizing Directories
- Permissions Management
- Key Operations Recorded by CTS
-
Best Practices
-
Log Access and Transfer Operation Guide
- Solution Overview
- Resource Planning
- Process Flow
-
Procedure
- (Optional) Step 1: Buy an ECS
- (Optional) Step 2: Buy a Data Disk
- (Optional) Step 3: Attach a Data Disk
- Step 4: Create a Non-administrator IAM User
- Step 5: Configure Network Connection
- Step 6: Install the Component Controller (isap-agent)
- Step 7: Install the Log Collection Component (Logstash)
- (Optional) Step 8: Creating a Log Storage Pipeline
- Step 9: Configure a Connector
- (Optional) Step 10: Configure a Log Parser
- Step 11: Configure a Log Collection Channel
- Step 12: Verify Log Access and Transfer
- Credential Leakage Response Solution
-
Log Access and Transfer Operation Guide
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
API
- Alert Management
- Incident Management
- Indicator Management
- Playbook Management
- Alert Rule Management
- Playbook Version Management
- Playbook Rule Management
- Playbook Instance Management
- Playbook Approval Management
- Playbook Action Management
- Incident Relationship Management
- Data Class Management
- Workflow Management
- Data Space Management
- Pipelines
- Workspace Management
- Metering and Billing
- Metric Query
- Baseline Inspection
- Appendix
- FAQs
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Buying SecMaster
- Authorizing SecMaster
- Viewing Security Overview
- Workspaces
- Viewing Purchased Resources
-
Security Governance
- Security Governance Overview
- Security Compliance Pack Description
- Authorizing SecMaster to Access Cloud Service Resources
- Subscribing to or Unsubscribing from a Compliance Pack
- Starting a Self-Assessment
- Viewing Security Compliance Overview
- Viewing Evaluation Results
- Viewing Policy Scanning Results
- Downloading a Compliance Report
- Security Situation
- Resource Manager
- Risk Prevention
- Threat Operations
- Security Orchestration
-
Settings
- Data Integration
-
Log Data Collection
- Data Collection Overview
- Adding a Node
- Configuring a Component
- Adding a Connection
- Creating and Editing a Parser
- Adding and Editing a Collection Channel
- Managing Connections
- Managing Parsers
- Managing Collection Channels
- Viewing Collection Nodes
- Managing Nodes and Components
- Partitioning a Disk
- Logstash Configuration Description
- Connector Rules
- Parser Rules
- Upgrading the Component Controller
- Customizing Directories
- Permissions Management
- FAQs
- Change History
-
User Guide (Kuala Lumpur Region)
- Service Overview
- Authorizing SecMaster
- Security Overview
- Workspaces
- Viewing Purchased Resources
- Security Situation
- Resource Manager
-
Risk Prevention
-
Baseline Inspection
- Baseline Inspection Overview
- Creating a Custom Check Plan
- Starting an Immediate Baseline Check
- Viewing Check Results
- Handling Check Results
- Viewing Compliance Packs
- Creating a Custom Compliance Pack
- Importing and Exporting a Compliance Pack
- Viewing Check Items
- Creating a Custom Check Item
- Importing and Exporting Check Items
- Vulnerability Management
- Policy Management
-
Baseline Inspection
-
Threat Operations
- Incident Management
- Alert Management
- Indicator Management
- Intelligent Modeling
- Security Analysis
- Data Delivery
-
Security Orchestration
- Security Orchestration Overview
- Built-in Playbooks
- Security Orchestration Process
- (Optional) Configuring and Enabling a Workflow
- Configuring and Enabling a Playbook
- Operation Object Management
- Playbook Orchestration Management
- Layout Management
- Plug-in Management
- Settings
-
FAQs
-
Product Consulting
- Why Is There No Attack Data or Only A Small Amount of Attack Data?
- Where Does SecMaster Obtain Its Data From?
- What Are the Dependencies and Differences Between SecMaster and Other Security Services?
- What Are the Differences Between SecMaster and HSS?
- How Do I Update My Security Score?
- How Do I Handle a Brute-force Attack?
- Issues About Data Synchronization and Data Consistency
- About Data Collection Faults
-
Product Consulting
- Change History
-
User Guide (ME-Abu Dhabi Region)
- General Reference
On this page
Help Center/
SecMaster/
User Guide (ME-Abu Dhabi Region)/
Security Orchestration/
Operation Object Management/
Managing Categorical Mappings
Copied.
Managing Categorical Mappings
Categorical mappings are used to match alert types and map alert fields for cloud service alerts.
This section describes how to manage categories and mappings, including Viewing Categorical Mappings, Creating a Categorical Mapping, Copying a Categorical Mapping, Editing a Categorical Mapping, and Enabling, Disabling, and Deleting a Categorical Mapping.
Viewing Categorical Mappings
- Log in to the management console.
- Click
in the upper part of the page and choose Security > SecMaster. - In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 1 Workspace management page
- In the navigation pane on the left, choose Security Orchestration > Objects. On the page displayed, click the Classify&Mapping tab.
Figure 2 Classify&Mapping tab
- On the Classify&Mapping tab, view details about the created categorical mappings.
- In the categorical mapping list, view details such as the categorical mapping name, data class, and number of associated plug-in instances.
- If there are many categorical mappings, use filters and keywords to search for a specific one.
- To edit a categorical mapping, click its name to go to the edit page.
On the edit page, you can edit details about the categorical mapping.
- In the categorical mapping list, you can also enable, disable, clone, and delete a categorical mapping.
Creating a Categorical Mapping
- Log in to the management console.
- Click in the upper part of the page and choose Security > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 3 Workspace management page
- In the navigation pane on the left, choose Security Orchestration > Objects. On the page displayed, click the Classify&Mapping tab.
Figure 4 Classify&Mapping tab
- On the Classify&Mapping tab, click Create.
- On the Create Categorical Mapping page, set categorical mapping parameters.
Figure 5 Create Categorical Mapping
- In the Basic Parameters area on the left, configure basic information about the categorical mapping. For details about the parameters, see Table 1.
- In the Data Source area on the left, select the data source for the categorical mapping.
If Data Source is set to Upload JSON file, you need to click Upload JSON file and upload the JSON file.
- On the Classify tab on the right, select a classification method and set related parameters.
- After the classification configuration is complete, click
at the upper right corner of the page to save the configuration. - On the Mapping tab on the right, select a mapping mode and set related parameters.
- After the categorical mapping is complete, click
at the upper right corner of the page to save the configuration. - On the Preprocessing tab on the right, set preprocessing mapping parameters.
- Click
at the upper right corner of the page to save the configuration.
Copying a Categorical Mapping
- Log in to the management console.
- Click in the upper part of the page and choose Security > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 6 Workspace management page
- In the navigation pane on the left, choose Security Orchestration > Objects. On the page displayed, click the Classify&Mapping tab.
Figure 7 Classify&Mapping tab
- On the Classify&Mapping page, click Clone in the Operation column of the target categorical mapping.
- In the displayed dialog box, enter the name for replicated mapping and click OK.
Editing a Categorical Mapping
- Log in to the management console.
- Click in the upper part of the page and choose Security > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 8 Workspace management page
- In the navigation pane on the left, choose Security Orchestration > Objects. On the page displayed, click the Classify&Mapping tab.
Figure 9 Classify&Mapping tab
- On the Classify&Mapping page, click the target categorical mapping name to go to the edit page.
- On the Edit Categorical Mapping page, set parameters.
- In the Basic Parameters area on the left, configure basic information about the categorical mapping. For details about the parameters, see Table 1.
Table 2 Configuring basic information Parameter
Description
Name
Name of a user-defined categorical mapping.
Data Category
This field cannot be edited.
Description
Description of the custom categorical mapping.
- In the Data Source area on the left, select the data source for the categorical mapping.
If Data Source is set to Upload JSON file, you need to click Upload JSON file and upload the JSON file.
- On the Classify tab on the right, select a classification method and set related parameters.
- After the classification configuration is complete, click
at the upper right corner of the page to save the configuration. - On the Mapping tab on the right, select a mapping mode and set related parameters.
- After the categorical mapping is complete, click
at the upper right corner of the page to save the configuration. - On the Preprocessing tab on the right, set preprocessing mapping parameters.
- Click
at the upper right corner of the page to save the configuration.
- In the Basic Parameters area on the left, configure basic information about the categorical mapping. For details about the parameters, see Table 1.
Enabling, Disabling, and Deleting a Categorical Mapping
- Log in to the management console.
- Click in the upper part of the page and choose Security > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 10 Workspace management page
- In the navigation pane on the left, choose Security Orchestration > Objects. On the page displayed, click the Classify&Mapping tab.
Figure 11 Classify&Mapping tab
- On the Classify&Mapping tab, manage categorical mappings.
NOTE:
- Custom categorical mappings cannot be enabled or disabled.
- Currently, built-in categorical mappings cannot be deleted.
Table 3 Managing categorical mappings Operation
Description
Enable
Locate the row containing the target categorical mapping and click Disable in the Status column.
If the status changes to Enable, the categorical mapping has been enabled.
Disable
Locate the row containing your desired categorical mapping and click Enable in the Status column.
If the status changes to Disable, the categorical mapping has been disabled.
Delete
- Click Delete in the Operation column of the target categorical mapping.
- In the displayed pane on the right, click Delete.
NOTE:
- If a categorical mapping is deleted, the plug-ins and connections associated with the categorical mapping will be stopped immediately.
- Deleted categorical mappings cannot be restored. Exercise caution when performing this operation.
Parent topic: Operation Object Management
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
