Viewing Model Templates

Scenario

SecMaster uses models to scan logs in pipelines. If SecMaster detects data that hits the trigger in a model, SecMaster generates an alert. Models are created based on templates. So you need to use available model templates to create models.

SecMaster provides multiple preconfigured model templates based on common scenarios. You can view scenario description, model principles, handling suggestions, and usage restrictions for these templates in this section.

Viewing Model Templates

1. Log in to the management console.
2. Click in the upper left corner of the management console and select a region or project.
3. Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
4. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
   Figure 1 Workspace management page
   

5. In the navigation pane on the left, choose Threat Operations > Intelligent Modeling, and select the Model Templates tab.
   Figure 2 Model Templates tab
   

6. On the Model Templates tab, view available model templates.

   Table 1 Template information

   Parameter	Description
   Model Template Statistics	This area displays how many Available templates and how many Active templates you have.
   Severity	This bar displays the number of available templates by severity levels, including Critical, High, Medium, Low, and Informative.
   Template list	The template list displays the severity, name, and model type of each template as well as when the template is created and upgraded. To view details about a model template, locate the row that contains the template, click Details in the Operation column. The template details page is displayed on the right. On the details page, you can view the description, query rules, triggering conditions, and query plans of the current model template.