手动添加资产
<p class="shortdesc">本文介绍如何手动添加资产。</p>
<section class="section limitation" id="manual__mqk_vxc_hsb"><div class="tasklabel"><h2 class="doc-tairway">使用限制</h2></div>
<ul class="ul" id="manual__ul_hbb_t1d_hsb">
<li class="li">您已创建安全日志审计实例。</li>
<li class="li">您已创建组织。</li>
<li class="li">安全日志审计与要添加的资产之间网络通讯正常。</li>
</ul>
</section>
<section><div class="tasklabel"><h2 class="doc-tairway">操作步骤</h2></div><ol class="ol steps"><li class="li step stepexpand">
<span class="ph cmd">登录<a class="xref" href="https://www.ocftcloud.com/console/log-audit" target="_blank" rel="external noopener">安全日志审计SLA控制台</a>,进入<span class="keyword wintitle">实例列表</span>页面。</span>
</li><li class="li step stepexpand">
<span class="ph cmd">单击目标实例<span class="ph uicontrol"> 操作</span>列的<span class="ph uicontrol">管理</span>,进入安全日志审计控制台。</span>
<div class="itemgroup info">
<img class="image" id="manual__d22e53" src="https://obs-cn-shanghai.ocftcloud.com/pacloud/20222803112057-1ecc508f988a.png" width="830">
</div>
</li><li class="li step stepexpand">
<span class="ph cmd">在页面上边栏选择<span class="ph uicontrol">资产管理</span>,在左侧菜单栏选择<span class="ph menucascade"><span class="ph uicontrol">资产</span><abbr> > </abbr><span class="ph uicontrol">全部资产</span></span>,进入<span class="keyword wintitle">资产</span>页面。</span>
</li><li class="li step stepexpand">
<span class="ph cmd">单击<span class="ph uicontrol">新增</span>进入<span class="keyword wintitle">新增资产</span>页面,选择资产类型,如<strong class="ph b">Windows</strong>。</span>
<div class="itemgroup info">
<img class="image" id="manual__image_ast_mwk_hsb" src="https://obs-cn-shanghai.ocftcloud.com/pacloud/20222803112055-10a245509ef9.png">
</div>
</li><li class="li step stepexpand">
<span class="ph cmd">根据以下信息,添加资产信息,单击<span class="ph uicontrol">保存</span>。</span>
<div class="itemgroup info">
<img class="image" id="manual__image_lgv_r1l_hsb" src="https://obs-cn-shanghai.ocftcloud.com/pacloud/20222803112055-1bf78fb794fd.png" width="830">
<table class="table" id="manual__table_icn_t1l_hsb"><caption></caption><colgroup><col style="width:33.44481605351171%"><col style="width:66.5551839464883%"></colgroup><thead class="thead">
<tr class="row">
<th class="entry" id="manual__table_icn_t1l_hsb__entry__1">
<p class="p">配置项</p>
</th>
<th class="entry" id="manual__table_icn_t1l_hsb__entry__2">
<p class="p">说明</p>
</th>
</tr>
</thead><tbody class="tbody">
<tr class="row">
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__1 ">
<p class="p">资产名称</p>
</td>
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__2 ">
<p class="p">资产名称,用来标识资产。</p>
</td>
</tr>
<tr class="row">
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__1 ">
<p class="p">组织架构</p>
</td>
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__2 ">
<p class="p">选择资产隶属的组织。</p>
</td>
</tr>
<tr class="row">
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__1 ">
<p class="p">资产类型</p>
</td>
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__2 ">
<p class="p">资产类型设置后不可修改。</p>
</td>
</tr>
<tr class="row">
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__1 ">
<p class="p">资产重要性</p>
</td>
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__2 ">
<p class="p">取值范围1~10,取值也大越重要,资产重要性会影响评分。</p>
</td>
</tr>
<tr class="row">
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__1 ">
<p class="p">安全等级</p>
</td>
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__2 ">
<p class="p">资产的安全等级,包括一般、重要、保密和绝密。</p>
</td>
</tr>
<tr class="row">
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__1 ">
<p class="p">解析模式</p>
</td>
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__2 ">
<p class="p">支持以下几种解析模式:</p>
<ul class="ul" id="manual__ul_jcn_t1l_hsb">
<li class="li"><strong class="ph b">无限制</strong>:使用不限制厂商及设备型号的解析规则对该资产上报的日志进行解析。推荐使用该模式。</li>
<li class="li"><strong class="ph b">仅限厂商</strong>:使用限制指定厂商的解析规则对该资产上报的日志进行解析。</li>
<li class="li"><strong class="ph b">仅限厂商与型号</strong>:使用限制指定厂商及设备型号的解析规则对该资产上报的日志进行解析。</li>
<li class="li"><strong class="ph b">全部满足</strong>:使用限制指定厂商、设备型号、设备版本的解析规则对该资产上报的日志进行解析。</li>
</ul>
</td>
</tr>
<tr class="row">
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__1 ">
<p class="p">日志源资产重识别</p>
</td>
<td class="entry" headers="manual__table_icn_t1l_hsb__entry__2 ">
<p class="p">当一台服务器上系统日志和应用的日志都需要监控时,需要在日志审计平台中用多个日志资产源来区分,即日志源资产重识别。请根据实际情况选择是否启用日志源资产重识别。</p>
</td>
</tr>
</tbody></table>
</div>
</li><li class="li step stepexpand">
<span class="ph cmd">设置资产IP,单击<span class="ph uicontrol">保存</span>。</span>
<div class="itemgroup info">
<img class="image" id="manual__image_pbs_1bl_hsb" src="https://obs-cn-shanghai.ocftcloud.com/pacloud/20222803112055-1f2b26809984.png" width="830">
</div>
</li><li class="li step stepexpand">
<span class="ph cmd">单击<span class="ph uicontrol">发送日志配置</span>,根据以下信息,配置发送日志配置,单击<span class="ph uicontrol">保存</span>。</span>
<div class="itemgroup info">
<img class="image" id="manual__image_nxj_dbl_hsb" src="https://obs-cn-shanghai.ocftcloud.com/pacloud/20222803112055-1190601393ab.png" width="830">
<table class="table" id="manual__table_ayh_fbl_hsb"><caption></caption><colgroup><col style="width:28.011204481792717%"><col style="width:71.98879551820728%"></colgroup><thead class="thead">
<tr class="row">
<th class="entry" id="manual__table_ayh_fbl_hsb__entry__1">
<p class="p">配置项</p>
</th>
<th class="entry" id="manual__table_ayh_fbl_hsb__entry__2">
<p class="p">说明</p>
</th>
</tr>
</thead><tbody class="tbody">
<tr class="row">
<td class="entry" headers="manual__table_ayh_fbl_hsb__entry__1 ">
<p class="p">是否启用</p>
</td>
<td class="entry" headers="manual__table_ayh_fbl_hsb__entry__2 ">
<div class="p">
<ul class="ul" id="manual__ul_byh_fbl_hsb">
<li class="li">启用:资产向日志审计平台发送日志。</li>
<li class="li">禁用:资产不日志审计向平台发送日志。</li>
</ul>
</div>
</td>
</tr>
<tr class="row">
<td class="entry" headers="manual__table_ayh_fbl_hsb__entry__1 ">
<p class="p">日志活跃超时</p>
</td>
<td class="entry" headers="manual__table_ayh_fbl_hsb__entry__2 ">
<p class="p">在指定的时间范围(例如5分钟)内没有收到日志,则认为超时。超时后,资产状态显示为“不活跃”。</p>
</td>
</tr>
<tr class="row">
<td class="entry" headers="manual__table_ayh_fbl_hsb__entry__1 ">
<p class="p">日志协议</p>
</td>
<td class="entry" headers="manual__table_ayh_fbl_hsb__entry__2 ">
<p class="p">资产采用哪种协议向日志审计平台发送日志事件,目前支持以下几种:</p>
<ul class="ul" id="manual__ul_cyh_fbl_hsb">
<li class="li">Windows/Syslog</li>
<li class="li">SNMPTRAP</li>
<li class="li">HTTP</li>
<li class="li">FTP</li>
</ul>
</td>
</tr>
<tr class="row">
<td class="entry" headers="manual__table_ayh_fbl_hsb__entry__1 ">
<p class="p">日志编码</p>
</td>
<td class="entry" headers="manual__table_ayh_fbl_hsb__entry__2 ">
<p class="p">资产向日志审计平台发送的日志的编码格式:</p>
<ul class="ul" id="manual__ul_dyh_fbl_hsb">
<li class="li">GBK</li>
<li class="li">UTF-8</li>
<li class="li">ISO-8859-1</li>
</ul>
</td>
</tr>
<tr class="row">
<td class="entry" headers="manual__table_ayh_fbl_hsb__entry__1 ">
<p class="p">过滤等级</p>
</td>
<td class="entry" headers="manual__table_ayh_fbl_hsb__entry__2 ">
<p class="p">资产向日志审计平台发送日志的日志等级,日志等级由低到高分别为信息、公告、预警、出错、高危、警戒、紧急。</p>
<p class="p">选择“不限制”表示资产向日志审计平台发送所有等级日志。</p>
<p class="p">若选择<strong class="ph b">过滤等级</strong>为<strong class="ph b">信息</strong>,资产向日志审计平台发送<strong class="ph b">信息</strong>级别及<strong class="ph b">信息</strong>级别以上的日志。</p>
</td>
</tr>
</tbody></table>
</div>
</li></ol></section>
<section class="section result" id="manual__result_spd_nbl_hsb"><div class="tasklabel"><h2 class="doc-tairway">执行结果</h2></div>
<p class="p">在<span class="keyword wintitle">资产</span>页面可以看到刚刚添加的资产。</p>
</section>
提交成功!非常感谢您的反馈,我们会继续努力做到更好!