Release Notes and Announcements

Release Notes

Announcements

Getting Started

Product Introduction

Overview

Advantages

Basic Concepts

Scenarios

Associated Products

Features in Different Editions

Purchase Guide

Purchase Security Protection Licenses

Purchasing Log Analysis Service

Quick Start

Operation Guide

Security Dashboard

Asset Overview

Server List

Asset Fingerprint

Vulnerability Management

Baseline Management

Malicious File Scan

Unusual Login

Password Cracking

Malicious Requests

High-risk Commands

Local Privilege Escalation

Reverse Shell

Java Webshell

Critical File Monitor

Network Attack

A Ransomware Defense

Log Analysis

License Management

Alarm Setting

Cloud Access Management

Hybrid Cloud Installation Guide

FAQs for Beginners

Cloud Workload Protection Description

Feature Description

Agent Process Description

A Security Baseline Detection List

Parsing of JSON Format Alarm Data

Log Field Data Parsing

Agent Installation Guide

Security Score Overview

Practical Tutorial

Auto Fix of Vulnerabilities

Malicious File Processing

Troubleshooting

Intrusions on Linux

Intrusions on Windows

Offline Agent on Linux

Offline Agent on Windows

An Abnormal Log-in Notification

API Documentation

History

Introduction

API Category

Asset Management APIs

Virus Scanning APIs

Abnormal Log-in APIs

Password Cracking APIs

Malicious Request APIs

High-Risk Command APIs

Local Privilege Escalation APIs

Reverse Shell APIs

Vulnerability Management APIs

New Baseline Management APIs

Baseline Management APIs

Advanced Defense APIs

Security Operation APIs

Expert Service APIs

Other APIs

Overview Statistics APIs

Settings Center APIs

Making API Requests

Intrusion Detection APIs

Data Types

Error Codes

FAQs

Agreements

Service Level Agreement

Data Processing And Security Agreement

Glossary

Alarm List

PDF

Focus Mode

Font Size

Last updated: 2024-08-13 16:29:50

The alarm list supports viewing alarm records of core file anomalies, enabling users to process (mark as processed, add to allowlist, or ignore) these alarm records and to delete these alarm records.
Note:
Core file monitoring is a feature of Ultimate Edition of CWPP. It is recommended to upgrade to Ultimate edition to protect CWPP.
Currently, core file monitoring is only available on Linux operating systems with kernel version 3.10 and later.
Processing Alarm Records
1. Log in to the CWPP console. In the left sidebar, choose Cyber Defense > CoreFile Monitor > Alert list.
2. On the alarm list page, choose the required alarm record, click Process, and choose Mark as processed, Add to allowlist, Ignore, or Delete the record.
﻿
Field Description:
Mark as Processed: You can manually process the alarm, and after that, it can be marked as processed.
Add to Allowlist: Add the current file path to the allowlist. Subsequent read/modification actions will not trigger alarms. Proceed with caution.
Ignore: Only ignore this alarm. If the same situation occurs again, an alarm will still be triggered.
Delete the Record: Delete the alarm record. It will no longer be displayed on the console and cannot be recovered. Proceed with caution.
3. In the Secondary Confirmation dialog box, click Confirm to process the alarm record.
4. The alarm list also supports batch processing of alarm records. After choosing one or more alarm records, click Mark as processed or Ignore in the upper left corner. After a secondary confirmation, the chosen alarm records can be processed.
﻿
Deleting Alarm Records
1. On the alarm list page, you can delete alarm records individually or in batch.
Single: Choose the required alarm record, and click Process > Delete. A deletion confirmation dialog box will pop up.
﻿
Batch: Choose one or more alarm records, and click Delete in the upper left corner. A deletion confirmation dialog box will pop up.
﻿
2. In the deletion confirmation dialog box, click Confirm to delete the chosen alarm records.
Note:
Once the chosen alarm records are deleted, they will no longer be displayed in the console and cannot be recovered. Proceed with caution.