<p class="shortdesc">本文介绍如何导入解析规则库。</p> <section class="section prereq" id="parsingRules__prereq_ulc_kwk_rsb"><div class="tasklabel"><h2 class="doc-tairway">前提条件</h2></div> <p class="p">您已创建安全日志审计实例。</p> </section> <section class="section context"><div class="tasklabel"><h2 class="doc-tairway">背景信息</h2></div> <p class="p">解析规则库是解析规则的集合。不同厂商设备产生的日志格式不同，需使用对应的解析规则进行解析，使系统能够识别各个厂商设备的日志内容。</p> <p class="p">系统内置了大部分厂商设备的日志解析规则。您也可以根据需要自行添加解析规则。如需导入规则文件，请提交<a class="xref" href="https://www.ocftcloud.com/console/workorder/create" target="_blank" rel="external noopener">工单</a>联系技术人员。</p> </section> <section><div class="tasklabel"><h2 class="doc-tairway">操作步骤</h2></div><ol class="ol steps"><li class="li step stepexpand"> <span class="ph cmd">登录<a class="xref" href="https://www.ocftcloud.com/console/log-audit" target="_blank" rel="external noopener">安全日志审计SLA控制台</a>，进入<span class="keyword wintitle">实例列表</span>页面。</span> </li><li class="li step stepexpand"> <span class="ph cmd">单击目标实例<span class="ph uicontrol"> 操作</span>列的<span class="ph uicontrol">管理</span>，进入安全日志审计控制台。</span> <div class="itemgroup info"> <img class="image" id="parsingRules__d22e53" src="https://obs-cn-shanghai.ocftcloud.com/pacloud/20222803112057-1ecc508f988a.png" width="830"> </div> </li><li class="li step stepexpand"> <span class="ph cmd">在页面上边栏选择<span class="ph uicontrol">规则库</span>，然后在左侧菜单栏选择<span class="ph menucascade"><span class="ph uicontrol">规则库</span><abbr> > </abbr><span class="ph uicontrol">解析规则库</span></span>，进入<span class="ph uicontrol">解析规则库</span>页面。</span> <div class="itemgroup info"> <div class="p"> <img class="image" id="parsingRules__image_n5h_23t_4sb" width="800" src="https://obs-cn-shanghai.ocftcloud.com/pacloud/20222803112056-1fb2d0fd9214.png"> </div> </div> </li><li class="li step stepexpand"> <span class="ph cmd">单击<span class="ph uicontrol">导入</span>，在弹出的对话框中单击<span class="ph uicontrol">导入文件</span>，选择要导入的解析规则文件，导入完成即可。</span> </li></ol></section>