Updated on 2025-08-26 GMT+08:00

Viewing Container Assets

Scenarios

HSS can collect information about container assets, including clusters, nodes, containers, images, and container fingerprints. With the container asset function, you can centrally count container assets and detect unsafe assets in a timely manner.

This section describes how to view collected container asset information.

Constraints

  • Only the HSS container edition supports the container fingerprint function.
  • Only Linux is supported.

Viewing Cluster Information

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
  3. Choose Asset Management > Container Assets. Click the Cluster tab.

    Figure 1 Clusters

  4. (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
  5. View the cluster list, workload, service, and pod information.

Viewing Node Information

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
  3. Choose Asset Management > Container Assets. Click the Nodes tab.

    Figure 2 Nodes

  4. (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
  5. View information about cluster nodes and independent nodes.

Viewing Container Information

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
  3. Choose Asset Management > Container Assets. Click the Containers tab.

    Figure 3 Containers

  4. (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
  5. View container information.

Viewing Image Information

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
  3. Choose Asset Management > Container Assets. Click the Images tab.

    Figure 4 Images

  4. (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
  5. View the CI/CD image, local image, and container image information.

Viewing Container Fingerprint Information

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
  3. Choose Asset Management > Container Fingerprints. Click the Container Fingerprints tab. View the fingerprint data of all containers.

    To view the fingerprints of a single container, choose Asset Management > Servers & Quota, and click the server name where the container is deployed. On the node details page that is displayed, choose Asset Fingerprints > Container Assets.

    Figure 5 Container fingerprints

  4. (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
  5. Click a fingerprint type in the list to view the asset information.
  6. (Optional) Remove risky assets.

    If you find unsafe assets after counting, remove them in a timely manner.

    If you receive port alarms, you can set Dangerous Port to Yes in the search box of the Open Ports area to filter dangerous ports. You are advised to handle unsafe ports as follows:

    • If HSS detects open high-risk ports or unused ports, check whether they are really used by your services. If they are not, disable them. For dangerous ports, you are advised to further check their program files, and delete or isolate their source files if necessary.
    • If a detected high-risk port is actually a normal port used for services, you can ignore it. Ignored alarms will neither be recorded as unsafe items and nor trigger alarms.

    High-risk port list describes the common dangerous ports.