Cloud Firewall

Operations Recorded by CTS

Язык статьи: Английский

Cloud Trace Service (CTS) records the operations on CFW. With CTS, you can query, audit, and backtrack these operations.

Table 1 lists CFW operations recorded by CTS.

Table 1 CFW operations recorded by CTS
Operation	Resource Type	Trace Name
EIP protection	eip_protection_operation	eipOperateProtectService
Enable EIP protection	eip_protection_operation	eipOperateProtectServiceEnable
Disable EIP protection	eip_protection_operation	eipOperateProtectServiceDisable
Create an ACL rule	acl	createACLRule
Modify an ACL rule	acl	createACLRule
Delete an ACL rule	acl	deleteACLRule
Configure ACL rule priority	acl	modifyACLRule
View ACL rule hits NOTE: The number of hits here is the number of hits in the policy list. The count continues to increase unless reset to 0.	acl	showRuleHitCount
Configure ACL priority	acl	setACLRulePriority
Create a blacklist	black_white_list	createBlackList
Modify a blacklist	black_white_list	modifyBlackList
Delete a blacklist	black_white_list	deleteBlackList
Create a whitelist	black_white_list	createWhiteList
Modify a whitelist	black_white_list	modifyWhiteList
Delete a whitelist	black_white_list	deleteWhiteList
Create an IP address group	address_group	createIPAddressGroup
Update an IP address group	address_group	updateIPAddressGroup
Delete an IP address group	address_group	deleteIPAddressGroup
Delete address groups in batches	address_group	batchDeleteIPAddressGroup
Add a member to an IP address group	address_group_member	addIPAddressGroupMember
Update a member in an IP address group.	address_group_member	updateIPAddressGroupMember
Delete a member from an IP address group	address_group_member	deleteIPAddressGroupMember
Create a service group	service_group	addServiceGroup
Update a service group	service_group	updateServiceGroup
Delete a service group	service_group	deleteServiceGroup
Delete service groups in batches	service_group	batchDeleteServiceGroup
Add a member to a service group	service_group_member	addServiceGroupMember
Update a member in a service group	service_group_member	updateServiceGroupMember
Delete a member from a service group	service_group_member	deleteServiceGroupMember
Create a domain name group	domain_set	addDomainSet
Update a domain name group	domain_set	updateDomainSet
Delete a domain name group	domain_set	deleteDomainSet
Delete domain name groups in batches	domain_set	batchDeleteDomainSet
Add domain names in batches	domain_set	batchAddDomain
Delete a domain name	domain	deleteDomainName
Create a schedule	schedule	createSchedule
Update a schedule	schedule	updateSchedule
Delete a schedule	schedule	deleteSchedule
Delete schedules in batches	schedule	batchDeleteSchedule
Create a packet capture task	capture	createCaptureTask
Stop a packet capture task	capture	deleteCaptureTask
Delete a packet capture task	capture	cancelCaptureTask
Create an east-west CFW instance	cfw	createEWFirewallInstance
Create a south-north CFW instance	cfw	createSNFirewallInstance
Update a firewall	cfw	updateFirewallInstance
Delete a firewall	cfw	deleteFirewallInstance
Upgrade a firewall	cfw	upgradeFirewallInstance
Add a tag	cfw	createTags
Delete a tag	cfw	deleteTags
Freeze a firewall NOTE: A firewall may be frozen due to the following reasons: The account is in arrears. The account is frozen, for example, due to violations.	cfw	freezeFirewallInstance
Change a firewall name	cfw	changeFirewallName
Update attack logs and deliver configurations	alarm_config	updateAlarmConfig
Update a user's DNS server configurations	dns_server	updateDnsServer
Create an east-west firewall	cfw	createEastWestFirewall
Enable an east-west firewall	cfw	enableEwFirewallProtect
Disable an east-west firewall	cfw	disableEwFirewallProtect
Purchase a firewall	cfw	addFirewallOrder
Delete a firewall	cfw	deleteFirewall
Upgrade a firewall	cfw	changeFirewall
Modify or create an IPS protection mode	ips	createOrUpdateIpsMode
Enable a virtual patch	ips	enableVirtualPatches
Disable a virtual patch	ips	disableVirtualPatches
Change the sensitive directory scan status or the reverse shell rule status	cfw	changeAdvanceIpsRuleStatus
Modify log management configurations	log_config	changeLogConfig
Import an ACL	import	importCFW

Parent topic: CTS Auditing

Эта статья полезна?

Поддержка Юридические документы