Esta página ainda não está disponível no idioma selecionado. Estamos trabalhando para adicionar mais opções de idiomas. Agradecemos sua compreensão.
SecMaster
SecMaster
- What's New
- Function Overview
- Service Overview
-
Billing
- Billing Overview
- Billing Modes
- Billing Items
- Billing Examples
- Changing the Billing Mode
- Renewing Your Subscription
- Bills
- About Arrears
- Billing Termination
- Cost Management
-
Billing FAQs
- How Is SecMaster Billed?
- Can I Use SecMaster for Free?
- How Do I Change or Disable Auto Renewal for SecMaster?
- Will SecMaster Be Billed After It Expires?
- How Do I Renew SecMaster?
- Where Can I Unsubscribe from SecMaster?
- Where Can I View the Remaining Quotas of Security Data Collection and Security Data Packages?
- Can I Change the Billing Mode for SecMaster?
- Getting Started
-
User Guide
- Buying SecMaster
- Authorizing SecMaster
- Checking Security Overview
- Workspaces
- Viewing Purchased Resources
-
Security Governance
- Security Governance Overview
- Security Compliance Pack Description
- Authorizing SecMaster to Access Cloud Service Resources
- Subscribing to or Unsubscribing from a Compliance Pack
- Starting a Self-Assessment
- Viewing Security Compliance Overview
- Viewing Evaluation Results
- Viewing Policy Scanning Results
- Downloading a Compliance Report
- Security Situation
- Resource Manager
- Risk Prevention
- Threats
- Security Orchestration
-
Playbook Overview
- Ransomware Incident Response Solution
- Attack Link Analysis Alert Notification
- HSS Isolation and Killing of Malware
- Automatic Renaming of Alert Names
- Auto High-Risk Vulnerability Notification
- Automatic Notification of High-Risk Alerts
- Auto Blocking for High-risk Alerts
- Real-time Notification of Critical Organization and Management Operations
-
Settings
- Data Integration
-
Log Data Collection
- Data Collection Overview
- Data Collection Process
- Adding a Node
- Configuring a Component
- Adding a Connection
- Creating and Editing a Parser
- Adding and Editing a Collection Channel
- Verifying Log Collection
- Managing Connections
- Managing Parsers
- Managing Collection Channels
- Viewing Collection Nodes
- Managing Nodes and Components
- Partitioning a Disk
- Logstash Configuration Description
- Connector Rules
- Parser Rules
- Upgrading the Component Controller
- Customizing Directories
- Permissions Management
- Key Operations Recorded by CTS
-
Best Practices
-
Log Access and Transfer Operation Guide
- Solution Overview
- Resource Planning
- Process Flow
-
Procedure
- (Optional) Step 1: Buy an ECS
- (Optional) Step 2: Buy a Data Disk
- (Optional) Step 3: Attach a Data Disk
- Step 4: Create a Non-administrator IAM User
- Step 5: Configure Network Connection
- Step 6: Install the Component Controller (isap-agent)
- Step 7: Install the Log Collection Component (Logstash)
- (Optional) Step 8: Creating a Log Storage Pipeline
- Step 9: Configure a Connector
- (Optional) Step 10: Configure a Log Parser
- Step 11: Configure a Log Collection Channel
- Step 12: Verify Log Access and Transfer
- Credential Leakage Response Solution
-
Log Access and Transfer Operation Guide
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
API
- Alert Management
- Incident Management
- Indicator Management
- Playbook Management
- Alert Rule Management
- Playbook Version Management
- Playbook Rule Management
- Playbook Instance Management
- Playbook Approval Management
- Playbook Action Management
- Incident Relationship Management
- Data Class Management
- Workflow Management
- Data Space Management
- Pipelines
- Workspace Management
- Metering and Billing
- Metric Query
- Baseline Inspection
- Appendix
- FAQs
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Buying SecMaster
- Authorizing SecMaster
- Viewing Security Overview
- Workspaces
- Viewing Purchased Resources
-
Security Governance
- Security Governance Overview
- Security Compliance Pack Description
- Authorizing SecMaster to Access Cloud Service Resources
- Subscribing to or Unsubscribing from a Compliance Pack
- Starting a Self-Assessment
- Viewing Security Compliance Overview
- Viewing Evaluation Results
- Viewing Policy Scanning Results
- Downloading a Compliance Report
- Security Situation
- Resource Manager
- Risk Prevention
- Threat Operations
- Security Orchestration
-
Settings
- Data Integration
-
Log Data Collection
- Data Collection Overview
- Adding a Node
- Configuring a Component
- Adding a Connection
- Creating and Editing a Parser
- Adding and Editing a Collection Channel
- Managing Connections
- Managing Parsers
- Managing Collection Channels
- Viewing Collection Nodes
- Managing Nodes and Components
- Partitioning a Disk
- Logstash Configuration Description
- Connector Rules
- Parser Rules
- Upgrading the Component Controller
- Customizing Directories
- Permissions Management
- FAQs
- Change History
-
User Guide (Kuala Lumpur Region)
- Service Overview
- Authorizing SecMaster
- Security Overview
- Workspaces
- Viewing Purchased Resources
- Security Situation
- Resource Manager
-
Risk Prevention
-
Baseline Inspection
- Baseline Inspection Overview
- Creating a Custom Check Plan
- Starting an Immediate Baseline Check
- Viewing Check Results
- Handling Check Results
- Viewing Compliance Packs
- Creating a Custom Compliance Pack
- Importing and Exporting a Compliance Pack
- Viewing Check Items
- Creating a Custom Check Item
- Importing and Exporting Check Items
- Vulnerability Management
- Policy Management
-
Baseline Inspection
-
Threat Operations
- Incident Management
- Alert Management
- Indicator Management
- Intelligent Modeling
- Security Analysis
- Data Delivery
-
Security Orchestration
- Security Orchestration Overview
- Built-in Playbooks
- Security Orchestration Process
- (Optional) Configuring and Enabling a Workflow
- Configuring and Enabling a Playbook
- Operation Object Management
- Playbook Orchestration Management
- Layout Management
- Plug-in Management
- Settings
-
FAQs
-
Product Consulting
- Why Is There No Attack Data or Only A Small Amount of Attack Data?
- Where Does SecMaster Obtain Its Data From?
- What Are the Dependencies and Differences Between SecMaster and Other Security Services?
- What Are the Differences Between SecMaster and HSS?
- How Do I Update My Security Score?
- How Do I Handle a Brute-force Attack?
- Issues About Data Synchronization and Data Consistency
- About Data Collection Faults
-
Product Consulting
- Change History
-
User Guide (ME-Abu Dhabi Region)
- General Reference
On this page
Copied.
Managing Pipelines
A data transfer message topic and a storage index form a pipeline. This topic describes how to manage data pipelines. You can:
- Creating a Pipeline: If you need to use security analysis, data analysis, and intelligent modeling features in SecMaster, you need to create pipelines.
- Viewing Pipeline Details: You can view the pipeline details, including the pipeline name, data space, and creation time.
- Editing a Pipeline: You can modify the pipeline information, such as the number of shards, description, and lifecycle.
- Deleting a Pipeline: You can delete a pipeline. Data in the pipeline will also be deleted and cannot be restored. Exercise caution when performing this operation.
Limitations and Constraints
- A maximum of 20 pipelines can be created in a data space in a region for an account.
- Pipelines created by the system cannot be edited.
- Pipelines created by the system cannot be deleted.
Creating a Pipeline
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project. - Click
in the upper left corner of the page and choose Security & Compliance > SecMaster. - In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 1 Workspace management page
- In the navigation pane on the left, choose Threats > Security Analysis. The Security Analysis page is displayed.
Figure 2 Accessing the Security Analysis tab page
- (Optional) Add a data space. For details, see Adding a Data Space.
- In the data space navigation tree on the left, click
on the right of the data space name and select Create Pipeline.
Figure 3 Create Pipeline
- On the Create Pipeline page, configure pipeline parameters. For details about the parameters, see Table 1.
Table 1 Parameters for creating a pipeline Parameter
Description
Data Space
Data space the pipeline belongs to. This parameter is generated by the system by default.
Pipeline Name
Name of the pipeline. The naming rules are as follows:
- The name can contain 5 to 63 characters.
- The name can contain letters, numbers, and hyphens (-). The name cannot start or end with a hyphen (-) or contain consecutive hyphens (-).
- The name must be unique in the data space.
Shards
The number of shards of the pipeline. The value ranges from 1 to 64.
An index can store a large amount of data that exceeds the hardware limits of a node. To solve this problem, Elasticsearch subdivides your index into multiple pieces called shards. When creating an index, you can specify the number of shards as required. Each shard is in itself a fully-functional and independent "index" that can be hosted on any node in the cluster.
Lifecycle
Lifecycle of data in the pipeline. Value range: 7 to 180
Description
Remarks on the pipeline. This parameter is optional.
- Click OK.
You can click the data space name or
next to the data space to view the created pipeline.
Viewing Pipeline Details
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 4 Workspace management page
- In the navigation pane on the left, choose Threats > Security Analysis. The Security Analysis page is displayed.
Figure 5 Accessing the Security Analysis tab page
- In the data space navigation tree on the left, click a data space name to show the pipeline list.
Figure 6 Viewing pipeline details
- Click
next to a pipeline name you want to view. The Pipeline Details pane is displayed on the right of the page.
Table 2 Pipeline parameters Parameter
Description
Workspace Name
Name of the workspace to which the pipeline belongs.
Workspace ID
ID of the workspace to which the pipeline belongs.
Data Space Name
Name of the data space to which the pipeline belongs.
Data Space ID
ID of the data space to which the pipeline belongs.
Pipeline Name
Name of the pipeline.
Pipeline ID
ID of the pipeline.
Shards
Number of shards of the pipeline.
Lifecycle
Retention period of the data in the pipeline.
Created
Time when the pipeline was created.
Description
Description of the pipeline.
Editing a Pipeline
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 7 Workspace management page
- In the navigation pane on the left, choose Threats > Security Analysis. The Security Analysis page is displayed.
Figure 8 Accessing the Security Analysis tab page
- In the data space navigation tree on the left, click a data space name to show the pipeline list.
Figure 9 Viewing pipeline details
- Click More > Edit next to the pipeline name.
Figure 10 Entry for editing a pipeline
- On the Edit Pipeline page, configure pipeline parameters. For details about the parameters, see Table 3.
Table 3 Parameters for editing a pipeline Parameter
Description
Data Space
Data space to which the pipeline belongs. This parameter cannot be modified.
Pipeline Name
Name you specified for the pipeline. The name cannot be changed after the pipeline is created.
Shards
The number of shards of the pipeline. The value ranges from 1 to 64.
Lifecycle
Lifecycle of data in the pipeline. Value range: 7 to 180
Description
Remarks on the pipeline. This parameter is optional.
- Click OK.
Deleting a Pipeline
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 11 Workspace management page
- In the navigation pane on the left, choose Threats > Security Analysis. The Security Analysis page is displayed.
Figure 12 Accessing the Security Analysis tab page
- In the data space navigation tree on the left, click a data space name to show the pipeline list.
Figure 13 Viewing pipeline details
- Click More > Delete next to the pipeline name.
Figure 14 Deleting a pipeline
- In the dialog box displayed, click OK.
Parent topic: Security Analysis
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
