Updated on 2025-10-10 GMT+08:00

Viewing Application Protection

Scenario

After application protection is enabled, you can view the protection status and events on the Application Protection page. You can analyze the events and harden your applications accordingly.

Checking the Protection Status

  1. Log in to the management console.
  2. Click in the upper left corner and select a region or project.
  3. In the upper left corner of the page, click and choose Security > Host Security Service.
  4. Choose Server Protection > Application Protection. Click the Protected Servers tab.
  5. (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
  6. View the service protection status. For details, see Table 1.

    Table 1 Parameters for protection settings

    Parameter

    Description

    Server Name/ID

    Server name and ID

    IP Address

    Private IP address and EIP of the server

    OS

    Server OS

    Server Group

    Group that the server belongs to

    Policy

    Detection policies bound to the target server.

    Protection Status

    Agent status of a server.

    • Protected: The agent is online.
    • Unprotected: The agent is offline.

    Microservice Protection

    Microservice protection status. Its value can be:

    • Effective: The microservice protection is enabled successfully.
    • Installing: The microservice RASP protection software is being installed and protection is disabled.
    • Installed but not configured: The microservice RASP protection software is successfully installed, but microservice startup parameters are not configured and protection is disabled.
    • Installation failed: The microservice RASP protection software fails to be installed.

    RASP Protection.

    RASP protection status. Its value can be:

    If the following information is displayed, protection is not enabled. Check whether there are operations that are not handled by referring to Enabling Application Protection.

    • Installing: The microservice RASP protection software is being installed and protection is disabled.
    • Installed but not configured: The microservice RASP protection software is successfully installed, but microservice startup parameters are not configured and protection is disabled.
    • Installation failed: The microservice RASP protection software fails to be installed.

    Detected Attacks

    Number of attacks detected by RASP.

Viewing Events

  1. Log in to the management console.
  2. Click in the upper left corner and select a region or project.
  3. In the upper left corner of the page, click and choose Security > Host Security Service.
  4. Choose Server Protection > Application Protection and click the Events tab. For more information, see Table 2.

    To view the events of a server, click View Report in the Operation column of the server.

    Table 2 Event parameters

    Parameter

    Description

    Severity

    Alarm severity. You can search for servers by alarm severities.

    • Critical
    • High
    • Medium
    • Low

    Server Name

    Server that triggers an alarm

    Alarm Name

    Alarm name

    Alarm Time

    Time when an alarm is reported

    Attack Source IP Address

    IP address of the server that triggers the alarm

    Attack Source URL

    URL of the server that triggers the alarm

  5. You can click an alarm name to view the attack information (such as the request information and attack source IP address) and extended information (such as detection rule ID and description), and troubleshoot the problem accordingly.