- 动态与公告
- 产品简介
- 购买指南
- 快速入门
- 操作指南
- 软件相关说明
- 实践教程
- 故障处理
- API 文档
- History
- Introduction
- API Category
- Asset Management APIs
- DescribeAssetMachineList
- DescribeAssetMachineDetail
- DescribeAssetUserList
- DescribeAssetUserInfo
- DescribeAssetPortInfoList
- DescribeAssetProcessInfoList
- DescribeAssetAppList
- DescribeAssetAppProcessList
- DescribeAssetDatabaseList
- DescribeAssetDatabaseInfo
- DescribeAssetWebAppList
- DescribeAssetWebServiceInfoList
- DescribeAssetWebAppPluginList
- DescribeAssetWebServiceProcessList
- DescribeAssetWebFrameList
- DescribeAssetWebLocationList
- DescribeAssetWebLocationInfo
- DescribeAssetJarList
- DescribeAssetJarInfo
- DescribeAssetInitServiceList
- DescribeAssetPlanTaskList
- DescribeAssetCoreModuleList
- DescribeAssetCoreModuleInfo
- DescribeAssetSystemPackageList
- SyncAssetScan
- DescribeAssetRecentMachineInfo
- DescribeAssetMachineTagTop
- DescribeAssetLoadInfo
- DescribeAssetTypeTop
- ExportAssetRecentMachineInfo
- DescribeMachineGeneral
- DescribeMachineRegions
- DescribeMachineOsList
- DescribeMachineLicenseDetail
- DescribeMachinesSimple
- DescribeDirectConnectInstallCommand
- DescribeAgentInstallationToken
- RemoveMachine
- DescribeHostInfo
- EditTags
- DescribeTags
- DeleteTags
- DeleteMachineTag
- UpdateMachineTags
- DescribeTagMachines
- ExportAssetUserList
- DescribeAssetUserCount
- ExportAssetMachineList
- ExportAssetMachineDetail
- DescribeAssetPortCount
- ExportAssetPortInfoList
- DescribeAssetProcessCount
- DescribeProcessStatistics
- ExportAssetProcessInfoList
- DescribeAssetAppCount
- ExportAssetAppList
- DescribeAssetDatabaseCount
- ExportAssetDatabaseList
- DescribeAssetWebAppCount
- ExportAssetWebAppList
- DescribeAssetWebServiceCount
- ExportAssetWebServiceInfoList
- DescribeAssetWebLocationCount
- ExportAssetWebLocationList
- DescribeAssetWebLocationPathList
- DescribeAssetWebFrameCount
- ExportAssetWebFrameList
- ExportAssetCoreModuleList
- DescribeAssetDiskList
- DescribeFileTamperRules
- DescribeMachineFileTamperRules
- ExportAssetEnvList
- DescribeAssetHostTotalCount
- DescribeAssetTotalCount
- ExportAssetInitServiceList
- ExportAssetJarList
- ExportAssetPlanTaskList
- ExportAssetSystemPackageList
- DescribeAssetUserKeyList
- DescribeComponentStatistics
- DescribeHistoryAccounts
- DescribeAccountStatistics
- DeleteMachineClearHistory
- DescribeAssetInfo
- ModifyMachineAutoClearConfig
- DescribeExportMachines
- DescribeMachineClearHistory
- CreateIncidentBacktracking
- DescribeMachineRegionList
- DescribeProcesses
- DescribeProcessTaskStatus
- DescribeComponents
- DescribeComponentInfo
- DescribeAccounts
- CreateProcessTask
- DescribeOpenPortTaskStatus
- AddMachineTag
- CreateOpenPortTask
- Virus Scanning APIs
- DescribeMalWareList
- DescribeMalwareInfo
- DescribeMalwareWhiteList
- DescribeNetAttackWhiteList
- DescribeMalwareWhiteListAffectList
- DeleteMalwareWhiteList
- DeleteNetAttackWhiteList
- DescribeMalwareFile
- CreateScanMalwareSetting
- DeleteMalwareScanTask
- DescribeScanMalwareSchedule
- DescribeMalwareRiskWarning
- ModifyMalwareTimingScanSettings
- DescribeMalwareTimingScanSetting
- DescribeServersAndRiskAndFirstInfo
- DescribeVulDefenceSetting
- DescribeVulDefencePluginExceptionCount
- DescribeVulDefenceOverview
- DescribeJavaMemShellList
- ModifyJavaMemShellsStatus
- DescribeJavaMemShellPluginList
- DeleteAllJavaMemShells
- DescribeJavaMemShellInfo
- DescribeJavaMemShellPluginInfo
- ModifyJavaMemShellPluginSwitch
- CreateMalwareWhiteList
- CreateNetAttackWhiteList
- DescribeMalwareRiskOverview
- DescribeRiskProcessEvents
- ModifyMalwareWhiteList
- ModifyNetAttackWhiteList
- ExportJavaMemShellPlugins
- ExportJavaMemShells
- ExportRiskProcessEvents
- Abnormal Log-in APIs
- Password Cracking APIs
- Malicious Request APIs
- DescribeRiskDnsList
- CreateMaliciousRequestWhiteList
- ModifyMaliciousRequestWhiteList
- DeleteMaliciousRequestWhiteList
- DescribeMaliciousRequestWhiteList
- DeleteRiskDnsEvent
- DeleteRiskDnsPolicy
- DescribeRiskDnsEventInfo
- DescribeRiskDnsEventList
- DescribeRiskDnsPolicyList
- ExportRiskDnsPolicyList
- ModifyRiskDnsPolicy
- ModifyRiskDnsPolicyStatus
- DescribeRiskDnsInfo
- ExportRiskDnsEventList
- High-Risk Command APIs
- DescribeBashEvents
- DescribeBashEventsNew
- SetBashEventsStatus
- DeleteBashEvents
- DescribeBashPolicies
- DescribeBashRules
- EditBashRules
- ModifyBashPolicy
- DeleteBashPolicies
- DeleteBashRules
- ModifyBashPolicyStatus
- SwitchBashRules
- CheckBashPolicyParams
- CheckBashRuleParams
- DescribeBashEventsInfo
- DescribeBashEventsInfoNew
- ExportBashEvents
- ExportBashEventsNew
- ExportBashPolicies
- Local Privilege Escalation APIs
- Reverse Shell APIs
- Vulnerability Management APIs
- ScanVul
- DescribeScanSchedule
- ScanVulAgain
- DescribeVdbAndPocInfo
- DescribeVulEmergentMsg
- DescribeVulTop
- DescribeVulHostTop
- DescribeVulHostCountScanTime
- DescribeUndoVulCounts
- DescribeVulCountByDates
- DescribeVulLevelCount
- ExportVulList
- CreateEmergencyVulScan
- DescribeVulCveIdInfo
- DescribeVulInfoCvss
- DescribeVulEffectHostList
- DescribeVulEffectModules
- ExportVulEffectHostList
- ExportVulInfo
- IgnoreImpactedHosts
- CancelIgnoreVul
- ExportVulDetectionReport
- ModifyVulDefenceSetting
- ExportVulDefencePluginEvent
- DescribeVulDefencePluginDetail
- DescribeVulDefenceEvent
- ExportVulDefenceEvent
- ModifyVulDefenceEventStatus
- DescribeDefenceEventDetail
- CreateVulFix
- DescribeCanFixVulMachine
- DescribeMachineSnapshot
- DescribeVulDefenceList
- DescribeVulFixStatus
- ExportVulDefenceList
- RetryCreateSnapshot
- RetryVulFix
- DescribeScanVulSetting
- ScanVulSetting
- DescribeEmergencyVulList
- DescribeVulDefencePluginStatus
- ExportVulDetectionExcel
- DescribeVulList
- RescanImpactedHost
- DescribeVuls
- DescribeVulScanResult
- DescribeVulInfo
- DescribeImpactedHosts
- DescribeAgentVuls
- New Baseline Management APIs
- DeleteBaselinePolicy
- DescribeBaselineHostDetectList
- DescribeBaselineItemDetectList
- DescribeBaselineItemList
- DescribeBaselinePolicyList
- DescribeBaselineWeakPasswordList
- DescribeIgnoreHostAndItemConfig
- ExportBaselineFixList
- ExportBaselineHostDetectList
- ExportBaselineItemDetectList
- StartBaselineDetect
- StopBaselineDetect
- SyncBaselineDetectSummary
- DescribeHotVulTop
- DescribeVulStoreList
- ModifyBaselinePolicy
- Baseline Management APIs
- DescribeBaselineTop
- DescribeBaselineHostTop
- DescribeBaselineDefaultStrategyList
- CreateBaselineStrategy
- DescribeStrategyExist
- UpdateBaselineStrategy
- DeleteBaselineStrategy
- DescribeBaselineStrategyList
- DescribeBaselineStrategyDetail
- DescribeBaselineBasicInfo
- DescribeBaselineEffectHostList
- DescribeBaselineList
- DescribeBaselineDetail
- DescribeSecurityBroadcastInfo
- ScanBaseline
- DescribeBaselineScanSchedule
- CheckFirstScanBaseline
- ChangeStrategyEnableStatus
- ChangeRuleEventsIgnoreStatus
- DescribeIgnoreBaselineRule
- DescribeIgnoreRuleEffectHostList
- DescribeBaselineRule
- ExportBaselineEffectHostList
- ExportBaselineList
- ExportIgnoreBaselineRule
- ExportIgnoreRuleEffectHostList
- Advanced Defense APIs
- DescribeAttackEvents
- DescribeAttackLogs
- DescribeMachineDefenseCnt
- DescribeMachineRiskCnt
- ExportFileTamperEvents
- DescribeAttackVulTypeList
- DescribeVulLabels
- DescribeVulOverview
- CheckFileTamperRule
- DescribeRansomDefenseBackupList
- DescribeRansomDefenseEventsList
- DescribeRansomDefenseMachineList
- DescribeRansomDefenseRollBackTaskList
- DescribeRansomDefenseStrategyMachines
- ModifyWebPageProtectSwitch
- ModifyFileTamperEvents
- ModifyFileTamperRuleStatus
- DescribeFileTamperEventRuleInfo
- DescribeFileTamperRuleCount
- DescribeFileTamperRuleInfo
- ModifyRansomDefenseEventsStatus
- DescribeFileTamperEvents
- DescribeRansomDefenseStrategyList
- ExportRansomDefenseBackupList
- ExportRansomDefenseEventsList
- ExportRansomDefenseMachineList
- ExportRansomDefenseStrategyList
- ExportRansomDefenseStrategyMachines
- ModifyFileTamperRule
- ExportFileTamperRules
- ModifyNetAttackSetting
- DescribeAttackEventInfo
- DescribeAttackStatistics
- DescribeAttackTop
- DescribeAttackTrends
- DescribeNetAttackSetting
- ExportAttackEvents
- Security Operation APIs
- Expert Service APIs
- Other APIs
- DescribeOpenPortStatistics
- DeleteMachine
- DeleteNonlocalLoginPlaces
- DescribeUsualLoginPlaces
- DeleteBruteAttacks
- DescribeLogStorageConfig
- DescribeLogStorageRecord
- ModifyLogStorageConfig
- DescribeTrialReport
- DescribeAssetEnvList
- DescribeABTestConfig
- DescribeRiskBatchStatus
- ExportTasks
- DescribeGeneralStat
- DescribeScreenGeneralStat
- DescribeVersionStatistics
- DescribeSafeInfo
- CreateRansomDefenseStrategy
- DescribeRansomDefenseMachineStrategyInfo
- DescribeRansomDefenseState
- DescribeRansomDefenseStrategyDetail
- DescribeRansomDefenseTrend
- DescribeSecurityEventStat
- ModifyRansomDefenseStrategyStatus
- RansomDefenseRollback
- DescribeScreenAttackHotspot
- DescribeScreenBroadcasts
- DescribeScreenDefenseTrends
- DescribeScreenEmergentMsg
- DescribeScreenEventsCnt
- DescribeScreenHostInvasion
- DescribeScreenMachineRegions
- DescribeScreenMachines
- DescribeScreenProtectionCnt
- DescribeScreenRiskAssetsTop
- DescribeSecurityEventsCnt
- ExportSecurityTrends
- DescribeScanTaskDetails
- DescribeScanState
- DeleteScanTask
- DescribeScanTaskStatus
- ScanTaskAgain
- DescribeAgentInstallCommand
- DescribePublicProxyInstallCommand
- DescribeVersionCompareChart
- CreateBuyBindTask
- SyncMachines
- CheckLogKafkaConnectionState
- CreateLogExport
- DeleteLogExport
- DescribeAESKey
- DescribeAssetTypes
- DescribeAttackSource
- DescribeAttackSourceEvents
- DescribeCanNotSeparateMachine
- DescribeClientException
- DescribeFastAnalysis
- DescribeLogDeliveryKafkaOptions
- DescribeLogExports
- DescribeLogHistogram
- DescribeLogIndex
- DescribeLogKafkaDeliverInfo
- DescribeScreenProtectionStat
- DescribeWarningHostConfig
- ModifyLogKafkaAccess
- ModifyLogKafkaDeliverType
- ModifyLogKafkaState
- ModifyEventAttackStatus
- ModifyRiskEventsStatus
- ModifyWarningHostConfig
- SearchLog
- StopAssetScan
- ClearLocalStorage
- DescribeLicenseWhiteConfig
- DescribeProductStatus
- GetLocalStorageItem
- KeysLocalStorage
- RemoveLocalStorageItem
- SetLocalStorageExpire
- SetLocalStorageItem
- DescribeVulTrend
- ExportScanTaskDetails
- DescribeAlarmIncidentNodes
- DescribeAlarmVertexId
- DescribeEventByTable
- DescribeProVersionStatus
- DescribeVertexDetail
- DeleteWebHookPolicy
- DeleteWebHookReceiver
- DescribeRecommendedProtectCpu
- DescribeUsersConfig
- DescribeWebHookPolicy
- DescribeWebHookReceiver
- DescribeWebHookReceiverUsage
- ModifyUsersConfig
- ModifyWebHookPolicy
- ModifyWebHookPolicyStatus
- ModifyWebHookReceiver
- DeleteUsualLoginPlaces
- CreateUsualLoginPlaces
- CloseProVersion
- DescribeWeeklyReports
- DescribeWeeklyReportVuls
- DescribeWeeklyReportNonlocalLoginPlaces
- DescribeWeeklyReportMalwares
- DescribeWeeklyReportInfo
- DescribeWeeklyReportBruteAttacks
- DescribeOpenPorts
- RenewProVersion
- OpenProVersionPrepaid
- ModifyProVersionRenewFlag
- InquiryPriceOpenProVersionPrepaid
- OpenProVersion
- Overview Statistics APIs
- Settings Center APIs
- DescribeProVersionInfo
- DescribeWarningList
- ModifyWarningSetting
- ModifyAutoOpenProVersionConfig
- DescribeLicenseGeneral
- DescribeLicenseList
- DeleteLicenseRecord
- DescribeLicenseBindList
- ModifyLicenseBinds
- DescribeLicenseBindSchedule
- CreateLicenseOrder
- DeleteLicenseRecordAll
- DestroyOrder
- CreateWhiteListOrder
- DeleteWebHookRule
- DescribeLicense
- DescribeWebHookRule
- DescribeWebHookRules
- ExportLicenseDetail
- ModifyWebHookRule
- ModifyWebHookRuleStatus
- TestWebHookRule
- CreateCloudProtectServiceOrderRecord
- DescribeCloudProtectServiceOrderList
- ModifyLicenseOrder
- DescribeAlarmAttribute
- Making API Requests
- Intrusion Detection APIs
- DeleteMalwares
- TrustMalwares
- UntrustMalwares
- SeparateMalwares
- RecoverMalwares
- ExportMalwares
- DescribeLoginWhiteList
- DeleteLoginWhiteList
- ExportNonlocalLoginPlaces
- ExportBruteAttacks
- DeleteMaliciousRequests
- ExportMaliciousRequests
- MisAlarmNonlocalLoginPlaces
- DescribeNonlocalLoginPlaces
- DescribeMalwares
- DescribeBruteAttacks
- UntrustMaliciousRequest
- TrustMaliciousRequest
- DescribeMaliciousRequests
- ModifyLoginWhiteList
- AddLoginWhiteList
- Data Types
- Error Codes
- 常见问题
- 相关协议
- 联系我们
- 词汇表
- 动态与公告
- 产品简介
- 购买指南
- 快速入门
- 操作指南
- 软件相关说明
- 实践教程
- 故障处理
- API 文档
- History
- Introduction
- API Category
- Asset Management APIs
- DescribeAssetMachineList
- DescribeAssetMachineDetail
- DescribeAssetUserList
- DescribeAssetUserInfo
- DescribeAssetPortInfoList
- DescribeAssetProcessInfoList
- DescribeAssetAppList
- DescribeAssetAppProcessList
- DescribeAssetDatabaseList
- DescribeAssetDatabaseInfo
- DescribeAssetWebAppList
- DescribeAssetWebServiceInfoList
- DescribeAssetWebAppPluginList
- DescribeAssetWebServiceProcessList
- DescribeAssetWebFrameList
- DescribeAssetWebLocationList
- DescribeAssetWebLocationInfo
- DescribeAssetJarList
- DescribeAssetJarInfo
- DescribeAssetInitServiceList
- DescribeAssetPlanTaskList
- DescribeAssetCoreModuleList
- DescribeAssetCoreModuleInfo
- DescribeAssetSystemPackageList
- SyncAssetScan
- DescribeAssetRecentMachineInfo
- DescribeAssetMachineTagTop
- DescribeAssetLoadInfo
- DescribeAssetTypeTop
- ExportAssetRecentMachineInfo
- DescribeMachineGeneral
- DescribeMachineRegions
- DescribeMachineOsList
- DescribeMachineLicenseDetail
- DescribeMachinesSimple
- DescribeDirectConnectInstallCommand
- DescribeAgentInstallationToken
- RemoveMachine
- DescribeHostInfo
- EditTags
- DescribeTags
- DeleteTags
- DeleteMachineTag
- UpdateMachineTags
- DescribeTagMachines
- ExportAssetUserList
- DescribeAssetUserCount
- ExportAssetMachineList
- ExportAssetMachineDetail
- DescribeAssetPortCount
- ExportAssetPortInfoList
- DescribeAssetProcessCount
- DescribeProcessStatistics
- ExportAssetProcessInfoList
- DescribeAssetAppCount
- ExportAssetAppList
- DescribeAssetDatabaseCount
- ExportAssetDatabaseList
- DescribeAssetWebAppCount
- ExportAssetWebAppList
- DescribeAssetWebServiceCount
- ExportAssetWebServiceInfoList
- DescribeAssetWebLocationCount
- ExportAssetWebLocationList
- DescribeAssetWebLocationPathList
- DescribeAssetWebFrameCount
- ExportAssetWebFrameList
- ExportAssetCoreModuleList
- DescribeAssetDiskList
- DescribeFileTamperRules
- DescribeMachineFileTamperRules
- ExportAssetEnvList
- DescribeAssetHostTotalCount
- DescribeAssetTotalCount
- ExportAssetInitServiceList
- ExportAssetJarList
- ExportAssetPlanTaskList
- ExportAssetSystemPackageList
- DescribeAssetUserKeyList
- DescribeComponentStatistics
- DescribeHistoryAccounts
- DescribeAccountStatistics
- DeleteMachineClearHistory
- DescribeAssetInfo
- ModifyMachineAutoClearConfig
- DescribeExportMachines
- DescribeMachineClearHistory
- CreateIncidentBacktracking
- DescribeMachineRegionList
- DescribeProcesses
- DescribeProcessTaskStatus
- DescribeComponents
- DescribeComponentInfo
- DescribeAccounts
- CreateProcessTask
- DescribeOpenPortTaskStatus
- AddMachineTag
- CreateOpenPortTask
- Virus Scanning APIs
- DescribeMalWareList
- DescribeMalwareInfo
- DescribeMalwareWhiteList
- DescribeNetAttackWhiteList
- DescribeMalwareWhiteListAffectList
- DeleteMalwareWhiteList
- DeleteNetAttackWhiteList
- DescribeMalwareFile
- CreateScanMalwareSetting
- DeleteMalwareScanTask
- DescribeScanMalwareSchedule
- DescribeMalwareRiskWarning
- ModifyMalwareTimingScanSettings
- DescribeMalwareTimingScanSetting
- DescribeServersAndRiskAndFirstInfo
- DescribeVulDefenceSetting
- DescribeVulDefencePluginExceptionCount
- DescribeVulDefenceOverview
- DescribeJavaMemShellList
- ModifyJavaMemShellsStatus
- DescribeJavaMemShellPluginList
- DeleteAllJavaMemShells
- DescribeJavaMemShellInfo
- DescribeJavaMemShellPluginInfo
- ModifyJavaMemShellPluginSwitch
- CreateMalwareWhiteList
- CreateNetAttackWhiteList
- DescribeMalwareRiskOverview
- DescribeRiskProcessEvents
- ModifyMalwareWhiteList
- ModifyNetAttackWhiteList
- ExportJavaMemShellPlugins
- ExportJavaMemShells
- ExportRiskProcessEvents
- Abnormal Log-in APIs
- Password Cracking APIs
- Malicious Request APIs
- DescribeRiskDnsList
- CreateMaliciousRequestWhiteList
- ModifyMaliciousRequestWhiteList
- DeleteMaliciousRequestWhiteList
- DescribeMaliciousRequestWhiteList
- DeleteRiskDnsEvent
- DeleteRiskDnsPolicy
- DescribeRiskDnsEventInfo
- DescribeRiskDnsEventList
- DescribeRiskDnsPolicyList
- ExportRiskDnsPolicyList
- ModifyRiskDnsPolicy
- ModifyRiskDnsPolicyStatus
- DescribeRiskDnsInfo
- ExportRiskDnsEventList
- High-Risk Command APIs
- DescribeBashEvents
- DescribeBashEventsNew
- SetBashEventsStatus
- DeleteBashEvents
- DescribeBashPolicies
- DescribeBashRules
- EditBashRules
- ModifyBashPolicy
- DeleteBashPolicies
- DeleteBashRules
- ModifyBashPolicyStatus
- SwitchBashRules
- CheckBashPolicyParams
- CheckBashRuleParams
- DescribeBashEventsInfo
- DescribeBashEventsInfoNew
- ExportBashEvents
- ExportBashEventsNew
- ExportBashPolicies
- Local Privilege Escalation APIs
- Reverse Shell APIs
- Vulnerability Management APIs
- ScanVul
- DescribeScanSchedule
- ScanVulAgain
- DescribeVdbAndPocInfo
- DescribeVulEmergentMsg
- DescribeVulTop
- DescribeVulHostTop
- DescribeVulHostCountScanTime
- DescribeUndoVulCounts
- DescribeVulCountByDates
- DescribeVulLevelCount
- ExportVulList
- CreateEmergencyVulScan
- DescribeVulCveIdInfo
- DescribeVulInfoCvss
- DescribeVulEffectHostList
- DescribeVulEffectModules
- ExportVulEffectHostList
- ExportVulInfo
- IgnoreImpactedHosts
- CancelIgnoreVul
- ExportVulDetectionReport
- ModifyVulDefenceSetting
- ExportVulDefencePluginEvent
- DescribeVulDefencePluginDetail
- DescribeVulDefenceEvent
- ExportVulDefenceEvent
- ModifyVulDefenceEventStatus
- DescribeDefenceEventDetail
- CreateVulFix
- DescribeCanFixVulMachine
- DescribeMachineSnapshot
- DescribeVulDefenceList
- DescribeVulFixStatus
- ExportVulDefenceList
- RetryCreateSnapshot
- RetryVulFix
- DescribeScanVulSetting
- ScanVulSetting
- DescribeEmergencyVulList
- DescribeVulDefencePluginStatus
- ExportVulDetectionExcel
- DescribeVulList
- RescanImpactedHost
- DescribeVuls
- DescribeVulScanResult
- DescribeVulInfo
- DescribeImpactedHosts
- DescribeAgentVuls
- New Baseline Management APIs
- DeleteBaselinePolicy
- DescribeBaselineHostDetectList
- DescribeBaselineItemDetectList
- DescribeBaselineItemList
- DescribeBaselinePolicyList
- DescribeBaselineWeakPasswordList
- DescribeIgnoreHostAndItemConfig
- ExportBaselineFixList
- ExportBaselineHostDetectList
- ExportBaselineItemDetectList
- StartBaselineDetect
- StopBaselineDetect
- SyncBaselineDetectSummary
- DescribeHotVulTop
- DescribeVulStoreList
- ModifyBaselinePolicy
- Baseline Management APIs
- DescribeBaselineTop
- DescribeBaselineHostTop
- DescribeBaselineDefaultStrategyList
- CreateBaselineStrategy
- DescribeStrategyExist
- UpdateBaselineStrategy
- DeleteBaselineStrategy
- DescribeBaselineStrategyList
- DescribeBaselineStrategyDetail
- DescribeBaselineBasicInfo
- DescribeBaselineEffectHostList
- DescribeBaselineList
- DescribeBaselineDetail
- DescribeSecurityBroadcastInfo
- ScanBaseline
- DescribeBaselineScanSchedule
- CheckFirstScanBaseline
- ChangeStrategyEnableStatus
- ChangeRuleEventsIgnoreStatus
- DescribeIgnoreBaselineRule
- DescribeIgnoreRuleEffectHostList
- DescribeBaselineRule
- ExportBaselineEffectHostList
- ExportBaselineList
- ExportIgnoreBaselineRule
- ExportIgnoreRuleEffectHostList
- Advanced Defense APIs
- DescribeAttackEvents
- DescribeAttackLogs
- DescribeMachineDefenseCnt
- DescribeMachineRiskCnt
- ExportFileTamperEvents
- DescribeAttackVulTypeList
- DescribeVulLabels
- DescribeVulOverview
- CheckFileTamperRule
- DescribeRansomDefenseBackupList
- DescribeRansomDefenseEventsList
- DescribeRansomDefenseMachineList
- DescribeRansomDefenseRollBackTaskList
- DescribeRansomDefenseStrategyMachines
- ModifyWebPageProtectSwitch
- ModifyFileTamperEvents
- ModifyFileTamperRuleStatus
- DescribeFileTamperEventRuleInfo
- DescribeFileTamperRuleCount
- DescribeFileTamperRuleInfo
- ModifyRansomDefenseEventsStatus
- DescribeFileTamperEvents
- DescribeRansomDefenseStrategyList
- ExportRansomDefenseBackupList
- ExportRansomDefenseEventsList
- ExportRansomDefenseMachineList
- ExportRansomDefenseStrategyList
- ExportRansomDefenseStrategyMachines
- ModifyFileTamperRule
- ExportFileTamperRules
- ModifyNetAttackSetting
- DescribeAttackEventInfo
- DescribeAttackStatistics
- DescribeAttackTop
- DescribeAttackTrends
- DescribeNetAttackSetting
- ExportAttackEvents
- Security Operation APIs
- Expert Service APIs
- Other APIs
- DescribeOpenPortStatistics
- DeleteMachine
- DeleteNonlocalLoginPlaces
- DescribeUsualLoginPlaces
- DeleteBruteAttacks
- DescribeLogStorageConfig
- DescribeLogStorageRecord
- ModifyLogStorageConfig
- DescribeTrialReport
- DescribeAssetEnvList
- DescribeABTestConfig
- DescribeRiskBatchStatus
- ExportTasks
- DescribeGeneralStat
- DescribeScreenGeneralStat
- DescribeVersionStatistics
- DescribeSafeInfo
- CreateRansomDefenseStrategy
- DescribeRansomDefenseMachineStrategyInfo
- DescribeRansomDefenseState
- DescribeRansomDefenseStrategyDetail
- DescribeRansomDefenseTrend
- DescribeSecurityEventStat
- ModifyRansomDefenseStrategyStatus
- RansomDefenseRollback
- DescribeScreenAttackHotspot
- DescribeScreenBroadcasts
- DescribeScreenDefenseTrends
- DescribeScreenEmergentMsg
- DescribeScreenEventsCnt
- DescribeScreenHostInvasion
- DescribeScreenMachineRegions
- DescribeScreenMachines
- DescribeScreenProtectionCnt
- DescribeScreenRiskAssetsTop
- DescribeSecurityEventsCnt
- ExportSecurityTrends
- DescribeScanTaskDetails
- DescribeScanState
- DeleteScanTask
- DescribeScanTaskStatus
- ScanTaskAgain
- DescribeAgentInstallCommand
- DescribePublicProxyInstallCommand
- DescribeVersionCompareChart
- CreateBuyBindTask
- SyncMachines
- CheckLogKafkaConnectionState
- CreateLogExport
- DeleteLogExport
- DescribeAESKey
- DescribeAssetTypes
- DescribeAttackSource
- DescribeAttackSourceEvents
- DescribeCanNotSeparateMachine
- DescribeClientException
- DescribeFastAnalysis
- DescribeLogDeliveryKafkaOptions
- DescribeLogExports
- DescribeLogHistogram
- DescribeLogIndex
- DescribeLogKafkaDeliverInfo
- DescribeScreenProtectionStat
- DescribeWarningHostConfig
- ModifyLogKafkaAccess
- ModifyLogKafkaDeliverType
- ModifyLogKafkaState
- ModifyEventAttackStatus
- ModifyRiskEventsStatus
- ModifyWarningHostConfig
- SearchLog
- StopAssetScan
- ClearLocalStorage
- DescribeLicenseWhiteConfig
- DescribeProductStatus
- GetLocalStorageItem
- KeysLocalStorage
- RemoveLocalStorageItem
- SetLocalStorageExpire
- SetLocalStorageItem
- DescribeVulTrend
- ExportScanTaskDetails
- DescribeAlarmIncidentNodes
- DescribeAlarmVertexId
- DescribeEventByTable
- DescribeProVersionStatus
- DescribeVertexDetail
- DeleteWebHookPolicy
- DeleteWebHookReceiver
- DescribeRecommendedProtectCpu
- DescribeUsersConfig
- DescribeWebHookPolicy
- DescribeWebHookReceiver
- DescribeWebHookReceiverUsage
- ModifyUsersConfig
- ModifyWebHookPolicy
- ModifyWebHookPolicyStatus
- ModifyWebHookReceiver
- DeleteUsualLoginPlaces
- CreateUsualLoginPlaces
- CloseProVersion
- DescribeWeeklyReports
- DescribeWeeklyReportVuls
- DescribeWeeklyReportNonlocalLoginPlaces
- DescribeWeeklyReportMalwares
- DescribeWeeklyReportInfo
- DescribeWeeklyReportBruteAttacks
- DescribeOpenPorts
- RenewProVersion
- OpenProVersionPrepaid
- ModifyProVersionRenewFlag
- InquiryPriceOpenProVersionPrepaid
- OpenProVersion
- Overview Statistics APIs
- Settings Center APIs
- DescribeProVersionInfo
- DescribeWarningList
- ModifyWarningSetting
- ModifyAutoOpenProVersionConfig
- DescribeLicenseGeneral
- DescribeLicenseList
- DeleteLicenseRecord
- DescribeLicenseBindList
- ModifyLicenseBinds
- DescribeLicenseBindSchedule
- CreateLicenseOrder
- DeleteLicenseRecordAll
- DestroyOrder
- CreateWhiteListOrder
- DeleteWebHookRule
- DescribeLicense
- DescribeWebHookRule
- DescribeWebHookRules
- ExportLicenseDetail
- ModifyWebHookRule
- ModifyWebHookRuleStatus
- TestWebHookRule
- CreateCloudProtectServiceOrderRecord
- DescribeCloudProtectServiceOrderList
- ModifyLicenseOrder
- DescribeAlarmAttribute
- Making API Requests
- Intrusion Detection APIs
- DeleteMalwares
- TrustMalwares
- UntrustMalwares
- SeparateMalwares
- RecoverMalwares
- ExportMalwares
- DescribeLoginWhiteList
- DeleteLoginWhiteList
- ExportNonlocalLoginPlaces
- ExportBruteAttacks
- DeleteMaliciousRequests
- ExportMaliciousRequests
- MisAlarmNonlocalLoginPlaces
- DescribeNonlocalLoginPlaces
- DescribeMalwares
- DescribeBruteAttacks
- UntrustMaliciousRequest
- TrustMaliciousRequest
- DescribeMaliciousRequests
- ModifyLoginWhiteList
- AddLoginWhiteList
- Data Types
- Error Codes
- 常见问题
- 相关协议
- 联系我们
- 词汇表
本文将为您介绍异常登录的功能和操作。
概述
当检测到存在不满足白名单(常用来源 IP、常用用户名、常用登录地、常用登录时间)的服务器登录行为,将产生异常登录告警。若异常登录来源 IP 属于境外 IP(含中国港澳台地区)或威胁情报中的恶意 IP,将被标记为“高危”,反之则标记为“可疑”。
限制说明
已安装主机安全客户端的主机(客户端在线),均会实时监控异常登录行为。
主机安全控制台仅保留近6个月的异常登录事件,过期的事件数据将不再展示。
操作指南
1. 登录 主机安全控制台。
2. 单击左侧导航中的入侵检测 > 异常登录,各功能说明如下。
事件列表
在事件列表中,可查看并处理主机安全监测到的异常登录风险。
字段说明:
服务器IP/名称:被异常登录的服务器。
来源 IP:登录来源 IP,一般是公司网络出口 IP 或网络代理 IP。
来源地:登录来源 IP 所在的地域。
登录用户名:成功登录服务器时使用的登录用户名。
登录时间:成功登录服务器的时间(服务器上的时区时间)。
危险等级:可疑/高危。
状态
异常登录:本次登录存在异常地域、异常用户名、异常登录时间或异常IP登录。
已加入白名单:登录来源已被添加为白名单(登录源 IP、登录用户名、登录时间及常用登录地)。
已处理:用户已手动处理,并将该事件标记为已处理。
已忽略:用户已忽略本次告警事件。
操作
处理
标记已处理:若您已人工对该风险事件进行处理,可将事件标记为已处理。
加入白名单:加入白名单操作后,当再次发生相同事件时将不再进行告警,请谨慎操作。
忽略:仅将本次告警事件进行忽略,若再有相同事件发生依然会进行告警。
删除记录:删除该事件记录,控制台将不再显示,无法恢复记录,请慎重操作。
白名单管理
在白名单管理中,可增/删/改/查异常登录的白名单。
字段说明:
服务器IP/名称:该白名单生效的服务器。
来源IP:加白名单的来源IP。
常用登录地:加白名单的登录地。
登录用户名:加白名单的用户名。
登录时间:加白名单的时间。
创建时间:该白名单的创建时间。
修改时间:最近一次修改白名单的时间。
操作
编辑:可重新编辑登录源ip、登录用户名、登录时间、常用登录地、生效范围等。
删除:可对白名单进行删除操作。
热点问题
收到异常登录告警后该如何处理?
判断该登录行为是否自己操作。
若是自己的登录行为,且您不希望再看到告警,请单击处理选择加入白名单操作,对常见登录源 IP、登录用户名、登录地、登录时间、生效范围进行设置。
字段说明:
登录源 IP 为空:代表所有来源 IP 对服务器进行登录,均不产生告警。
登录用户名为空:代表对服务器的任何用户名进行登录,均不产生告警。
登录地为空:代表不论登录地域在哪,均不产生告警。
登录时间为空:代表不论何时登录,均不产生告警。
注意:
登录源 IP、登录用户名、登录地、登录时间不能同时为空。
若不是自己的登录行为,请立即修改服务器登录密码(建议修改为10位以上,包含大小写字母和特殊字符的强密码)。
服务器被异常登录,登录者很有可能已经入侵您的服务器并留下恶意文件。建议您立即进行 文件查杀、漏洞检测、基线检测 以加固您的服务器安全。
白名单怎么设置可以满足大部分用户需求?
场景1:固定 IP 网段登录源可以使用任一用户名对服务器进行登录,而不产生异常登录告警。
您可在登录源 IP 中输入 IP 段,选择生效服务器范围即可。
场景2:登录源 IP 是动态变化的,要支持登录地是中国香港地区的 IP 随时都可以使用任一用户名对服务器进行登录,而不产生异常登录告警。
您可在常用登录地中选择香港特别行政区,选择生效服务器范围即可。
说明:
登录条件支持组合。
如何关闭异常登录告警?
是
否
本页内容是否解决了您的问题?