- 产品动态
- 产品简介
- 购买指南
- 快速入门
- 操作指南
- 故障处理
- API 文档
- History
- Introduction
- API Category
- Making API Requests
- Network Security APIs
- AddAndPublishNetworkFirewallPolicyDetail
- AddAndPublishNetworkFirewallPolicyYamlDetail
- AddNetworkFirewallPolicyDetail
- AddNetworkFirewallPolicyYamlDetail
- CheckNetworkFirewallPolicyYaml
- ConfirmNetworkFirewallPolicy
- CreateNetworkFirewallClusterRefresh
- CreateNetworkFirewallPolicyDiscover
- CreateNetworkFirewallPublish
- CreateNetworkFirewallUndoPublish
- DeleteNetworkFirewallPolicyDetail
- DescribeNetworkFirewallAuditRecord
- DescribeNetworkFirewallClusterList
- DescribeNetworkFirewallClusterRefreshStatus
- DescribeNetworkFirewallNamespaceLabelList
- DescribeNetworkFirewallPodLabelsList
- DescribeNetworkFirewallPolicyDetail
- DescribeNetworkFirewallPolicyDiscover
- DescribeNetworkFirewallPolicyList
- DescribeNetworkFirewallPolicyStatus
- DescribeNetworkFirewallPolicyYamlDetail
- UpdateAndPublishNetworkFirewallPolicyDetail
- UpdateAndPublishNetworkFirewallPolicyYamlDetail
- UpdateNetworkFirewallPolicyDetail
- UpdateNetworkFirewallPolicyYamlDetail
- Cluster Security APIs
- CreateCheckComponent
- CreateClusterCheckTask
- CreateRefreshTask
- DescribeAffectedClusterCount
- DescribeAffectedNodeList
- DescribeAffectedWorkloadList
- DescribeCheckItemList
- DescribeRefreshTask
- DescribeRiskList
- DescribeTaskResultSummary
- DescribeUnfinishRefreshTask
- DescribeUserCluster
- SetCheckMode
- DescribeClusterDetail
- DescribeClusterSummary
- Security Compliance APIs
- AddComplianceAssetPolicySetToWhitelist
- AddCompliancePolicyAssetSetToWhitelist
- AddCompliancePolicyItemToWhitelist
- CreateComplianceTask
- CreateExportComplianceStatusListJob
- DeleteComplianceAssetPolicySetFromWhitelist
- DeleteCompliancePolicyAssetSetFromWhitelist
- DeleteCompliancePolicyItemFromWhitelist
- DescribeComplianceAssetDetailInfo
- DescribeComplianceAssetList
- DescribeComplianceAssetPolicyItemList
- DescribeCompliancePeriodTaskList
- DescribeCompliancePolicyItemAffectedAssetList
- DescribeCompliancePolicyItemAffectedSummary
- DescribeComplianceScanFailedAssetList
- DescribeComplianceTaskAssetSummary
- DescribeComplianceTaskPolicyItemSummaryList
- DescribeComplianceWhitelistItemList
- InitializeUserComplianceEnvironment
- ModifyCompliancePeriodTask
- ScanComplianceAssets
- ScanComplianceAssetsByPolicyItem
- ScanCompliancePolicyItems
- ScanComplianceScanFailedAssets
- Runtime security - High-risk syscalls
- Runtime Security - Reverse Shell APIs
- Runtime Security APIs
- AddEditAbnormalProcessRule
- DescribeAssetImageBindRuleInfo
- AddEditAccessControlRule
- AddEditRiskSyscallWhiteList
- CreateDefenceVulExportJob
- CreateEmergencyVulExportJob
- CreateProcessEventsExportJob
- CreateRiskDnsEventExportJob
- CreateSystemVulExportJob
- CreateVulContainerExportJob
- CreateVulImageExportJob
- CreateVulScanTask
- CreateWebVulExportJob
- DeleteAbnormalProcessRules
- DeleteAccessControlRules
- DescribeAbnormalProcessEventTendency
- DescribeAbnormalProcessEventsExport
- DescribeAbnormalProcessLevelSummary
- DescribeAbnormalProcessRuleDetail
- DescribeAbnormalProcessRules
- DescribeAbnormalProcessRulesExport
- DescribeAccessControlRuleDetail
- DescribeAccessControlRules
- DescribeAccessControlRulesExport
- DescribeEmergencyVulList
- DescribeSupportDefenceVul
- DescribeVulContainerList
- DescribeVulDetail
- DescribeVulImageList
- DescribeVulScanInfo
- DescribeVulScanLocalImageList
- DescribeWebVulList
- ModifyAbnormalProcessRuleStatus
- ModifyAbnormalProcessStatus
- ModifyAccessControlRuleStatus
- ModifyAccessControlStatus
- OpenTcssTrial
- StopVulScanTask
- DescribeAccessControlEventsExport
- DescribeAbnormalProcessDetail
- DescribeAbnormalProcessEvents
- DescribeAccessControlDetail
- DescribeAccessControlEvents
- DescribeRiskSyscallDetail
- Alert Settings APIs
- Advanced prevention - K8s API abnormal requests
- CreateAccessControlsRuleExportJob
- CreateK8sApiAbnormalEventExportJob
- CreateK8sApiAbnormalRuleExportJob
- CreateK8sApiAbnormalRuleInfo
- DeleteK8sApiAbnormalRule
- DescribeAssetClusterList
- DescribeK8sApiAbnormalEventInfo
- DescribeK8sApiAbnormalEventList
- DescribeK8sApiAbnormalRuleInfo
- DescribeK8sApiAbnormalRuleList
- DescribeK8sApiAbnormalRuleScopeList
- DescribeK8sApiAbnormalSummary
- DescribeK8sApiAbnormalTendency
- ModifyK8sApiAbnormalEventStatus
- ModifyK8sApiAbnormalRuleInfo
- ModifyK8sApiAbnormalRuleStatus
- Asset Management APIs
- CreateAssetImageScanSetting
- CreateAssetImageVirusExportJob
- CreateHostExportJob
- DeleteMachine
- DescribeABTestConfig
- DescribeAgentDaemonSetCmd
- DescribeAgentInstallCommand
- DescribeAssetSyncLastTime
- DescribeExportJobDownloadURL
- DescribeExportJobManageList
- DescribeInspectionReport
- DescribePromotionActivity
- DescribeTcssSummary
- DescribeUnauthorizedCoresTendency
- ModifyContainerNetStatus
- Security Operations - Log Analysis APIs
- CreateSearchTemplate
- DeleteSearchTemplate
- DescribeESAggregations
- DescribeESHits
- DescribeIndexList
- DescribeLogStorageStatistic
- DescribePublicKey
- DescribeSearchExportList
- DescribeSearchLogs
- DescribeSearchTemplates
- DescribeSecLogAlertMsg
- DescribeSecLogCleanSettingInfo
- DescribeSecLogDeliveryClsOptions
- DescribeSecLogDeliveryClsSetting
- DescribeSecLogDeliveryKafkaOptions
- DescribeSecLogDeliveryKafkaSetting
- DescribeSecLogJoinTypeList
- DescribeSecLogKafkaUIN
- ModifySecLogCleanSettingInfo
- ModifySecLogDeliveryClsSetting
- ModifySecLogDeliveryKafkaSetting
- ModifySecLogJoinState
- ModifySecLogKafkaUIN
- ResetSecLogTopicConfig
- DescribeSecLogJoinObjectList
- ModifySecLogJoinObjects
- Runtime Security - Trojan Call APIs
- CreateVirusScanAgain
- DescribeExportJobResult
- DescribeVirusAutoIsolateSampleDetail
- DescribeVirusAutoIsolateSampleDownloadURL
- DescribeVirusAutoIsolateSampleList
- DescribeVirusAutoIsolateSetting
- DescribeVirusEventTendency
- DescribeVirusManualScanEstimateTimeout
- DescribeVirusSampleDownloadUrl
- DescribeVirusScanTaskStatus
- DescribeVirusScanTimeoutSetting
- DescribeVirusSummary
- ExportVirusList
- ModifyVirusAutoIsolateExampleSwitch
- ModifyVirusAutoIsolateSetting
- ModifyVirusFileStatus
- ModifyVirusScanTimeoutSetting
- StopVirusScanTask
- DescribeVirusMonitorSetting
- DescribeVirusScanSetting
- ModifyVirusMonitorSetting
- ModifyVirusScanSetting
- DescribeVirusList
- DescribeVirusTaskList
- CreateVirusScanTask
- DescribeVirusDetail
- Runtime Security - Container Escape APIs
- DeleteEscapeWhiteList
- CreateEscapeWhiteListExportJob
- CreateEscapeEventsExportJob
- AddEscapeWhiteList
- DescribeEscapeEventTendency
- DescribeEscapeEventsExport
- DescribeEscapeRuleInfo
- DescribeEscapeSafeState
- DescribeEscapeWhiteList
- DescribeEscapeEventTypeSummary
- ModifyEscapeEventStatus
- ModifyEscapeRule
- ModifyEscapeWhiteList
- DescribeEscapeEventDetail
- DescribeEscapeEventInfo
- Image Security APIs
- AddAssetImageRegistryRegistryDetail
- AddEditImageAutoAuthorizedRule
- AddIgnoreVul
- CheckRepeatAssetImageRegistry
- CreateAssetImageRegistryScanTask
- CreateAssetImageRegistryScanTaskOneKey
- CreateAssetImageScanTask
- CreateComponentExportJob
- CreateImageExportJob
- CreateOrModifyPostPayCores
- CreateVulDefenceEventExportJob
- CreateVulDefenceHostExportJob
- CreateVulExportJob
- DeleteIgnoreVul
- DescribeAssetAppServiceList
- DescribeAssetComponentList
- DescribeAssetDBServiceList
- DescribeAssetHostList
- DescribeAssetImageDetail
- DescribeAssetImageHostList
- DescribeAssetImageList
- DescribeAssetImageListExport
- DescribeAssetImageRegistryAssetStatus
- DescribeAssetImageRegistryDetail
- DescribeAssetImageRegistryList
- DescribeAssetImageRegistryListExport
- DescribeAssetImageRegistryRegistryDetail
- DescribeAssetImageRegistryRegistryList
- DescribeAssetImageRegistryRiskInfoList
- DescribeAssetImageRegistryRiskListExport
- DescribeAssetImageRegistryScanStatusOneKey
- DescribeAssetImageRegistrySummary
- DescribeAssetImageRegistryVirusList
- DescribeAssetImageRegistryVirusListExport
- DescribeAssetImageRegistryVulList
- DescribeAssetImageRegistryVulListExport
- DescribeAssetImageRiskList
- DescribeAssetImageRiskListExport
- DescribeAssetImageScanSetting
- DescribeAssetImageScanStatus
- DescribeAssetImageScanTask
- DescribeAssetImageSimpleList
- DescribeAssetImageVirusList
- DescribeAssetImageVirusListExport
- DescribeAssetImageVulList
- DescribeAssetImageVulListExport
- DescribeAssetPortList
- DescribeAssetProcessList
- DescribeAssetWebServiceList
- DescribeAutoAuthorizedRuleHost
- DescribeContainerSecEventSummary
- DescribeImageAutoAuthorizedLogList
- DescribeImageAutoAuthorizedRule
- DescribeImageAutoAuthorizedTaskList
- DescribeImageComponentList
- DescribeImageRegistryNamespaceList
- DescribeImageRegistryTimingScanTask
- DescribeImageRiskSummary
- DescribeImageRiskTendency
- DescribeImageSimpleList
- DescribeNewestVul
- DescribePostPayDetail
- DescribeScanIgnoreVulList
- DescribeSecEventsTendency
- DescribeSystemVulList
- DescribeValueAddedSrvInfo
- DescribeVulDefenceEventTendency
- DescribeVulIgnoreLocalImageList
- DescribeVulIgnoreRegistryImageList
- DescribeVulImageSummary
- DescribeVulLevelImageSummary
- DescribeVulLevelSummary
- DescribeVulRegistryImageList
- DescribeVulScanAuthorizedImageSummary
- DescribeVulTendency
- DescribeVulTopRanking
- ModifyAsset
- ModifyAssetImageRegistryScanStop
- ModifyAssetImageRegistryScanStopOneKey
- ModifyAssetImageScanStop
- ModifyImageAuthorized
- ModifyVulDefenceEventStatus
- RemoveAssetImageRegistryRegistryDetail
- RenewImageAuthorizeState
- SwitchImageAutoAuthorizedRule
- SyncAssetImageRegistryAsset
- UpdateAssetImageRegistryRegistryDetail
- UpdateImageRegistryTimingScanTask
- DescribeAssetHostDetail
- DescribeAssetSummary
- DescribeContainerAssetSummary
- DescribeVulDefenceEventDetail
- DescribeVulSummary
- ModifyVulDefenceSetting
- DescribeAssetContainerDetail
- DescribeAssetContainerList
- DescribeVulDefenceEvent
- DescribeVulDefenceHost
- DescribeVulDefencePlugin
- DescribeVulDefenceSetting
- Billing APIs
- Data Types
- Error Codes
- 常见问题
- TCSS 政策
- 联系我们
- 词汇表
- 产品动态
- 产品简介
- 购买指南
- 快速入门
- 操作指南
- 故障处理
- API 文档
- History
- Introduction
- API Category
- Making API Requests
- Network Security APIs
- AddAndPublishNetworkFirewallPolicyDetail
- AddAndPublishNetworkFirewallPolicyYamlDetail
- AddNetworkFirewallPolicyDetail
- AddNetworkFirewallPolicyYamlDetail
- CheckNetworkFirewallPolicyYaml
- ConfirmNetworkFirewallPolicy
- CreateNetworkFirewallClusterRefresh
- CreateNetworkFirewallPolicyDiscover
- CreateNetworkFirewallPublish
- CreateNetworkFirewallUndoPublish
- DeleteNetworkFirewallPolicyDetail
- DescribeNetworkFirewallAuditRecord
- DescribeNetworkFirewallClusterList
- DescribeNetworkFirewallClusterRefreshStatus
- DescribeNetworkFirewallNamespaceLabelList
- DescribeNetworkFirewallPodLabelsList
- DescribeNetworkFirewallPolicyDetail
- DescribeNetworkFirewallPolicyDiscover
- DescribeNetworkFirewallPolicyList
- DescribeNetworkFirewallPolicyStatus
- DescribeNetworkFirewallPolicyYamlDetail
- UpdateAndPublishNetworkFirewallPolicyDetail
- UpdateAndPublishNetworkFirewallPolicyYamlDetail
- UpdateNetworkFirewallPolicyDetail
- UpdateNetworkFirewallPolicyYamlDetail
- Cluster Security APIs
- CreateCheckComponent
- CreateClusterCheckTask
- CreateRefreshTask
- DescribeAffectedClusterCount
- DescribeAffectedNodeList
- DescribeAffectedWorkloadList
- DescribeCheckItemList
- DescribeRefreshTask
- DescribeRiskList
- DescribeTaskResultSummary
- DescribeUnfinishRefreshTask
- DescribeUserCluster
- SetCheckMode
- DescribeClusterDetail
- DescribeClusterSummary
- Security Compliance APIs
- AddComplianceAssetPolicySetToWhitelist
- AddCompliancePolicyAssetSetToWhitelist
- AddCompliancePolicyItemToWhitelist
- CreateComplianceTask
- CreateExportComplianceStatusListJob
- DeleteComplianceAssetPolicySetFromWhitelist
- DeleteCompliancePolicyAssetSetFromWhitelist
- DeleteCompliancePolicyItemFromWhitelist
- DescribeComplianceAssetDetailInfo
- DescribeComplianceAssetList
- DescribeComplianceAssetPolicyItemList
- DescribeCompliancePeriodTaskList
- DescribeCompliancePolicyItemAffectedAssetList
- DescribeCompliancePolicyItemAffectedSummary
- DescribeComplianceScanFailedAssetList
- DescribeComplianceTaskAssetSummary
- DescribeComplianceTaskPolicyItemSummaryList
- DescribeComplianceWhitelistItemList
- InitializeUserComplianceEnvironment
- ModifyCompliancePeriodTask
- ScanComplianceAssets
- ScanComplianceAssetsByPolicyItem
- ScanCompliancePolicyItems
- ScanComplianceScanFailedAssets
- Runtime security - High-risk syscalls
- Runtime Security - Reverse Shell APIs
- Runtime Security APIs
- AddEditAbnormalProcessRule
- DescribeAssetImageBindRuleInfo
- AddEditAccessControlRule
- AddEditRiskSyscallWhiteList
- CreateDefenceVulExportJob
- CreateEmergencyVulExportJob
- CreateProcessEventsExportJob
- CreateRiskDnsEventExportJob
- CreateSystemVulExportJob
- CreateVulContainerExportJob
- CreateVulImageExportJob
- CreateVulScanTask
- CreateWebVulExportJob
- DeleteAbnormalProcessRules
- DeleteAccessControlRules
- DescribeAbnormalProcessEventTendency
- DescribeAbnormalProcessEventsExport
- DescribeAbnormalProcessLevelSummary
- DescribeAbnormalProcessRuleDetail
- DescribeAbnormalProcessRules
- DescribeAbnormalProcessRulesExport
- DescribeAccessControlRuleDetail
- DescribeAccessControlRules
- DescribeAccessControlRulesExport
- DescribeEmergencyVulList
- DescribeSupportDefenceVul
- DescribeVulContainerList
- DescribeVulDetail
- DescribeVulImageList
- DescribeVulScanInfo
- DescribeVulScanLocalImageList
- DescribeWebVulList
- ModifyAbnormalProcessRuleStatus
- ModifyAbnormalProcessStatus
- ModifyAccessControlRuleStatus
- ModifyAccessControlStatus
- OpenTcssTrial
- StopVulScanTask
- DescribeAccessControlEventsExport
- DescribeAbnormalProcessDetail
- DescribeAbnormalProcessEvents
- DescribeAccessControlDetail
- DescribeAccessControlEvents
- DescribeRiskSyscallDetail
- Alert Settings APIs
- Advanced prevention - K8s API abnormal requests
- CreateAccessControlsRuleExportJob
- CreateK8sApiAbnormalEventExportJob
- CreateK8sApiAbnormalRuleExportJob
- CreateK8sApiAbnormalRuleInfo
- DeleteK8sApiAbnormalRule
- DescribeAssetClusterList
- DescribeK8sApiAbnormalEventInfo
- DescribeK8sApiAbnormalEventList
- DescribeK8sApiAbnormalRuleInfo
- DescribeK8sApiAbnormalRuleList
- DescribeK8sApiAbnormalRuleScopeList
- DescribeK8sApiAbnormalSummary
- DescribeK8sApiAbnormalTendency
- ModifyK8sApiAbnormalEventStatus
- ModifyK8sApiAbnormalRuleInfo
- ModifyK8sApiAbnormalRuleStatus
- Asset Management APIs
- CreateAssetImageScanSetting
- CreateAssetImageVirusExportJob
- CreateHostExportJob
- DeleteMachine
- DescribeABTestConfig
- DescribeAgentDaemonSetCmd
- DescribeAgentInstallCommand
- DescribeAssetSyncLastTime
- DescribeExportJobDownloadURL
- DescribeExportJobManageList
- DescribeInspectionReport
- DescribePromotionActivity
- DescribeTcssSummary
- DescribeUnauthorizedCoresTendency
- ModifyContainerNetStatus
- Security Operations - Log Analysis APIs
- CreateSearchTemplate
- DeleteSearchTemplate
- DescribeESAggregations
- DescribeESHits
- DescribeIndexList
- DescribeLogStorageStatistic
- DescribePublicKey
- DescribeSearchExportList
- DescribeSearchLogs
- DescribeSearchTemplates
- DescribeSecLogAlertMsg
- DescribeSecLogCleanSettingInfo
- DescribeSecLogDeliveryClsOptions
- DescribeSecLogDeliveryClsSetting
- DescribeSecLogDeliveryKafkaOptions
- DescribeSecLogDeliveryKafkaSetting
- DescribeSecLogJoinTypeList
- DescribeSecLogKafkaUIN
- ModifySecLogCleanSettingInfo
- ModifySecLogDeliveryClsSetting
- ModifySecLogDeliveryKafkaSetting
- ModifySecLogJoinState
- ModifySecLogKafkaUIN
- ResetSecLogTopicConfig
- DescribeSecLogJoinObjectList
- ModifySecLogJoinObjects
- Runtime Security - Trojan Call APIs
- CreateVirusScanAgain
- DescribeExportJobResult
- DescribeVirusAutoIsolateSampleDetail
- DescribeVirusAutoIsolateSampleDownloadURL
- DescribeVirusAutoIsolateSampleList
- DescribeVirusAutoIsolateSetting
- DescribeVirusEventTendency
- DescribeVirusManualScanEstimateTimeout
- DescribeVirusSampleDownloadUrl
- DescribeVirusScanTaskStatus
- DescribeVirusScanTimeoutSetting
- DescribeVirusSummary
- ExportVirusList
- ModifyVirusAutoIsolateExampleSwitch
- ModifyVirusAutoIsolateSetting
- ModifyVirusFileStatus
- ModifyVirusScanTimeoutSetting
- StopVirusScanTask
- DescribeVirusMonitorSetting
- DescribeVirusScanSetting
- ModifyVirusMonitorSetting
- ModifyVirusScanSetting
- DescribeVirusList
- DescribeVirusTaskList
- CreateVirusScanTask
- DescribeVirusDetail
- Runtime Security - Container Escape APIs
- DeleteEscapeWhiteList
- CreateEscapeWhiteListExportJob
- CreateEscapeEventsExportJob
- AddEscapeWhiteList
- DescribeEscapeEventTendency
- DescribeEscapeEventsExport
- DescribeEscapeRuleInfo
- DescribeEscapeSafeState
- DescribeEscapeWhiteList
- DescribeEscapeEventTypeSummary
- ModifyEscapeEventStatus
- ModifyEscapeRule
- ModifyEscapeWhiteList
- DescribeEscapeEventDetail
- DescribeEscapeEventInfo
- Image Security APIs
- AddAssetImageRegistryRegistryDetail
- AddEditImageAutoAuthorizedRule
- AddIgnoreVul
- CheckRepeatAssetImageRegistry
- CreateAssetImageRegistryScanTask
- CreateAssetImageRegistryScanTaskOneKey
- CreateAssetImageScanTask
- CreateComponentExportJob
- CreateImageExportJob
- CreateOrModifyPostPayCores
- CreateVulDefenceEventExportJob
- CreateVulDefenceHostExportJob
- CreateVulExportJob
- DeleteIgnoreVul
- DescribeAssetAppServiceList
- DescribeAssetComponentList
- DescribeAssetDBServiceList
- DescribeAssetHostList
- DescribeAssetImageDetail
- DescribeAssetImageHostList
- DescribeAssetImageList
- DescribeAssetImageListExport
- DescribeAssetImageRegistryAssetStatus
- DescribeAssetImageRegistryDetail
- DescribeAssetImageRegistryList
- DescribeAssetImageRegistryListExport
- DescribeAssetImageRegistryRegistryDetail
- DescribeAssetImageRegistryRegistryList
- DescribeAssetImageRegistryRiskInfoList
- DescribeAssetImageRegistryRiskListExport
- DescribeAssetImageRegistryScanStatusOneKey
- DescribeAssetImageRegistrySummary
- DescribeAssetImageRegistryVirusList
- DescribeAssetImageRegistryVirusListExport
- DescribeAssetImageRegistryVulList
- DescribeAssetImageRegistryVulListExport
- DescribeAssetImageRiskList
- DescribeAssetImageRiskListExport
- DescribeAssetImageScanSetting
- DescribeAssetImageScanStatus
- DescribeAssetImageScanTask
- DescribeAssetImageSimpleList
- DescribeAssetImageVirusList
- DescribeAssetImageVirusListExport
- DescribeAssetImageVulList
- DescribeAssetImageVulListExport
- DescribeAssetPortList
- DescribeAssetProcessList
- DescribeAssetWebServiceList
- DescribeAutoAuthorizedRuleHost
- DescribeContainerSecEventSummary
- DescribeImageAutoAuthorizedLogList
- DescribeImageAutoAuthorizedRule
- DescribeImageAutoAuthorizedTaskList
- DescribeImageComponentList
- DescribeImageRegistryNamespaceList
- DescribeImageRegistryTimingScanTask
- DescribeImageRiskSummary
- DescribeImageRiskTendency
- DescribeImageSimpleList
- DescribeNewestVul
- DescribePostPayDetail
- DescribeScanIgnoreVulList
- DescribeSecEventsTendency
- DescribeSystemVulList
- DescribeValueAddedSrvInfo
- DescribeVulDefenceEventTendency
- DescribeVulIgnoreLocalImageList
- DescribeVulIgnoreRegistryImageList
- DescribeVulImageSummary
- DescribeVulLevelImageSummary
- DescribeVulLevelSummary
- DescribeVulRegistryImageList
- DescribeVulScanAuthorizedImageSummary
- DescribeVulTendency
- DescribeVulTopRanking
- ModifyAsset
- ModifyAssetImageRegistryScanStop
- ModifyAssetImageRegistryScanStopOneKey
- ModifyAssetImageScanStop
- ModifyImageAuthorized
- ModifyVulDefenceEventStatus
- RemoveAssetImageRegistryRegistryDetail
- RenewImageAuthorizeState
- SwitchImageAutoAuthorizedRule
- SyncAssetImageRegistryAsset
- UpdateAssetImageRegistryRegistryDetail
- UpdateImageRegistryTimingScanTask
- DescribeAssetHostDetail
- DescribeAssetSummary
- DescribeContainerAssetSummary
- DescribeVulDefenceEventDetail
- DescribeVulSummary
- ModifyVulDefenceSetting
- DescribeAssetContainerDetail
- DescribeAssetContainerList
- DescribeVulDefenceEvent
- DescribeVulDefenceHost
- DescribeVulDefencePlugin
- DescribeVulDefenceSetting
- Billing APIs
- Data Types
- Error Codes
- 常见问题
- TCSS 政策
- 联系我们
- 词汇表
支持实时监控集群 API 异常请求行为,包括系统策略和用户自定义规则两部分。
系统策略:基于腾讯云安全技术及多维度多种手段,通过匿名访问、异常 UA 请求、匿名用户权限变动、凭据信息获取、敏感路径挂载、命令执行、异常定时任务、静态 pod 创建、可疑容器创建等共9个规则类型,对集群 API 异常请求行为进行监测。
用户自定义规则:支持自定义 K8s API 异常请求字段,及具体生效范围,更加灵活贴近实际业务需求。
事件列表
安全状态和事件趋势
安全状态将根据系统上报的安全事件,实时统计待处理的 K8s API 异常请求事件,以及按高危、中危、低危、提示来统计安全事件数量。
事件趋势将根据系统上报的安全事件,按命中的系统规则和自定义规则来统计近七天安全事件趋势。
事件列表
您可以选择“最近生成时间”来查看安全事件,或通过集群名称或集群 ID 来检索关联的安全事件。事件列表字段包括:
字段名称 | 字段详情 |
命中规则 | 匿名访问、异常 UA 请求、匿名用户权限变动、凭据信息获取、敏感路径挂载、命令执行、异常定时任务、静态 pod 创建、可疑容器创建等9个系统规则和用户自定义规则。 |
规则类型 | 系统规则、用户自定义规则。 |
威胁等级 | 高危、中危、低危和提示。 |
受影响集群名称/ID/运行状态 | 展示安全事件影响的集群名称、集群 ID 以及集群运行状态。 |
首次生成时间 | 该条安全事件首次发生的时间。 |
最近生成时间 | 该条安全事件最近发生的时间。 |
告警数量 | 系统按集群名称、集群 ID、命中规则、请求日志等对待处理安全事件进行聚合展示,聚合周期为当天。 |
状态 | 待处理、已处理、已忽略、已加白。 |
操作 | 单击查看详情,查看事件详情。 |
查看详情
在事件列表中,单击查看详情,查看事件详情。详情包括事件详情,集群名称/ID,集群运行时组件,风险描述,建议方案,异常请求信息和 json 日志。
处理事件
1. 在事件列表中,单击处理,可以选择对事件进行标记已处理、添加白名单、忽略和删除记录,单击确定。
2. 在二次确认窗口中,进行如下操作:
标记已处理:建议您参照事件详情中的“解决方案”,人工对该事件风险进行处理,单击确定,处理后可将事件标记为已处理。
添加白名单:配置相关参数,单击确定。
说明:
若您确认该 K8s API 请求属于正常行为,可添加白名单放行规则,后续再出现该请求,将直接放行不再告警,请谨慎操作。
添加白名单时,系统会根据加白的来源事件自动填入触发告警的字段和集群。如有需要,可手动调整白名单的生效字段和生效集群范围。
忽略:单击确定,仅将已选事件进行忽略,若再有相同事件发生依然会进行告警。
删除记录:单击确定,删除已选事件记录,控制台将不再显示,无法恢复记录,请慎重操作。
规则配置
系统规则
在规则配置页面,开启或关闭系统规则和自定义规则。单击系统规则名称,可查看全部系统规则类型,如下图所示。用户也可以通过此页面,关闭部分系统规则类型。
自定义规则
除容器安全服务产品提供的系统规则,用户也可以自定义创建规则。
在规则配置页面,单击创建规则,配置相关参数,单击保存。
字段名称 | 字段详情 |
基础设置 | 包括自定义规则的名称,以及是否启用规则的开关。 |
规则设置 | 在此部分配置告警和放行的字段,配置告警字段时需同步配置规则的威胁等级。 当配置内容多条时,单击下方的添加规则即可。 配置规则的具体内容时,单击匹配范围列的编辑,规则配置支持正则表达式。 |
生效范围 | 用户可自定义选择配置规则的生效集群范围。 注意:同一个集群只能绑定一个自定义规则,如需对一个集群配置多条检测规则,建议在同一条规则中编辑添加。 |
TKE K8s集群开启审计流程
当集群的审计功能未开启时,无法采集到 K8s API 的审计日志来进行风险检测。
说明:
1. 在容器服务控制台的 运维功能管理页面,选中需要开启审计的集群,单击设置。
2. 在设置功能页面,单击集群审计功能的编辑。
3. 勾选开启集群审计,单击确定即可。
是
否
本页内容是否解决了您的问题?