告警事件导出

Jump to bottom

404tk edited this page Sep 15, 2023 · 1 revision

导出告警

支持阿里云安全告警事件导出，默认执行dump all操作：

ctk > alibaba > set payload event-dump
payload => event-dump
ctk > alibaba > show options

Name      	Current Setting
----      	---------------
accesskey      	LTAIxxxxxxxxxxxxEXAMPLE
metadata       	dump all
payload        	event-dump
provider       	alibaba
region         	all
secretkey      	EXAMPLExxxxxxxxxxxxxxxxKEY
token
version        	Global
ctk > alibaba > run

忽略告警

支持阿里云忽略安全告警事件，通过指定告警事件ID即可忽略单条告警，示例如下：

ctk > alibaba > set metadata whitelist 11111111
metadata => whitelist 11111111
ctk > alibaba > run