Skip to Content
Operation GuideSecurity Incident

Security Events

View threat events that have a real security impact on user services, including abnormal login behavior, Trojans, DDoS attacks, and application-layer web traffic attacks.

Trojan Invasion

Supports viewing:

Total Trojans: Total number of historical Trojans

Remediated Trojans: Number of historical Trojans that have been resolved

Trojan Parameters Description:

  • Trojan Type
  • Resource Name
  • Resource ID
  • Trojan Path
  • Intrusion Time
  • Remediation Suggestion

Login Security

Supports viewing:

Remote Login Events: Number of remote login events

Brute Force Events: Number of brute force attack events

Parameters Description:

  • Type: divided into successful remote login and brute force attacks
  • Source IP
  • Project Name
  • Availability Zone
  • Login Location
  • Host IP
  • Time
  • Risk Level
  • Login Type
  • Login Username

Network Attacks

Supports viewing:

Attack Overview: The attack overview of the user’s IP

Attack Details: The specific details of each attack on the user’s IP

Allows users to select any desired time range for viewing.

Attack Overview Parameters Description:

  • IP
  • Region
  • Current Status
  • Default Blocking Threshold (G)
  • Attack Times
  • Recent Attack Time
  • Actions

Attack Details Parameters Description:

  • IP
  • Region
  • Peak Attack (Mbps)
  • Attack Type
  • Start Time
  • Duration (seconds)
  • Actions

Web Attacks

Supports viewing: Attack details and analysis on the user-selected domain name

Attack Details Parameters Description:

  • Recent Attack Time
  • IP Details
  • Request Path
  • Region
  • Attack Type
  • Attack Times
  • Work Mode
  • Match Action
  • Risk Level

Attack Analysis:

Protection Timeline: Statistics on the number of allowed or blocked attacks over a period of time. If the selected work mode is “Record but do not block,” the protection actions are all “allowed,” and if the work mode is “Enable protection rules,” the actions are “blocked.” Configure work mode as referred to here.