This topic describes how to view baseline check results and manage failed check items in the Security Center console. The baseline check results include information about affected assets, details of the check items, and suggestions on how to manage failed check items.

Prerequisites

A baseline check is performed. For more information, see Run a baseline check.

Background information

After you enable the baseline check feature, Security Center runs baseline checks on all assets based on the default baseline check policy. You can also create custom baseline check policies to customize baseline checks for specific assets. For more information, see Set baseline check policies.

View the summary of baseline check results

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Baseline Check.
  3. On the Baseline Check page, you can view the summary of baseline check results. You can filter data by policy.
    Summary of baseline check results

    You can select a policy from the Select Policy drop-down list to view the following information.

    • Checked Servers: The number of servers on which the baseline check runs. These servers are the ones specified in the selected baseline check policy.
    • Check Items: The number of baselines specified in the selected baseline check policy.
    • Last Pass Rate: The pass rate of check items in the last baseline check. The colors of the number in Last Pass Rate are described as follows:
      • Green: indicates a high pass rate of check items.
      • Red: indicates a low pass rate of check items. We recommend that you go to the details page of the check items and manage the risks.

      For more information about baseline check risks, see View failed check items.

      For more information about how to manage baseline check risks, see Manage failed check items.

View all check items

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Baseline Check.
  3. In the Select Policy drop-down list, select All.
    Baseline Check
    The Baseline Check page in the Security Center console provides a list of baseline check items. This list contains information such as the baseline name, baseline category, last check time, the number of check items, and numbers of failed check items and affected servers.
    Note You can also select a baseline check policy from the Select Policy drop-down list to view the check items specified in this policy.

View details of a baseline

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Baseline Check.
  3. In the Baseline column, click the target baseline to view the baseline details.
    Baseline details
    Baseline details include the affected assets, the items that pass the check, and the items that fail the check.
  4. Manage failed check items on the baseline details page.
    • Find the target asset, and click View in the Actions column to go to the At-Risk Items page. For more information, see View failed check items.
    • You can click Verify in the Actions column for an asset to check whether failed check items have been managed for the asset. If the verification passes, the number of items that fail the check is reduced, and the status of the check item becomes Passed.
    • You can click Undo Fix in the Actions column for an asset, select a snapshot, and then click OK to roll back to the selected snapshot.
      Note If service interruptions occur due to risk fix failures, and the asset has a snapshot, Security Center allows you to undo operations performed on the asset. After operations are undone, the asset is rolled back to the specified snapshot.

View failed check items

  1. On the baseline check details page, find the target asset and click View in the Actions column to view failed check items.
    The list of failed check itemsYou can view the check items of the asset and the status of the check items (Passed or Failed).
  2. Click Details in the Actions column to view the description, result, and suggestion for this check item.
    Details of a failed check item
Note We recommend that you follow the suggestions to manage Failed check items at the earliest opportunity, especially the high-risk check items. For more information, see Manage failed check items.

Manage failed check items

On the At-Risk Items page, manage failed check items as needed.

Manage failed check items
  • Fix baseline risks
    Find the target failed check item, and click Fix in the Actions column. In the Repair Risk Check Item dialog box that appears, set the parameters and click Fix Now.Fix baseline risks
    • Batch Configuration: Click Details on the right side of Batch Configuration. Assets that have this risk are listed. Select the assets to which you want to apply the selected Repair Method.
    • Repair Method: Select a Repair Method.
      Note Different risks require different fixes. Select a method to fix risks based on the actual scenario.
    • Risk Protection: Select whether to automatically create snapshots. We recommend that you select the Create snapshots automatically and fix check box.
      Note Services may be interrupted if the system fails to fix risks. We recommend that you create a snapshot of the system before you fix the risk. You can roll back your servers to the states recorded by the snapshots.
    Note After the fix operation is completed, you can manually check whether the risk is fixed. Security Center also automatically checks whether risks are fixed based on the detection interval specified in the policies.
  • Add check items to a whitelist
    If you want to disable alerts for a check item, click Whitelist to add the check item to the whitelist. Check items in the whitelist no longer trigger alerts. For more information, see Add a check item to the whitelist.Add check items to a whitelist
    Note You can also select multiple check items and click Whitelist in the lower-left corner to add the check items to the whitelist at the same time.
  • Remove check items from the whitelist
    If you want to enable alerts for a check item in the whitelist, you can Remove the item from the whitelist. You can remove one or more check items from the whitelist at a time. After a check item is removed from the whitelist, the check item triggers alerts again.Remove items from the whitelist
  • Verify risk fixes

    After you fix a baseline risk, click Verify to check whether the risk has been fixed. After you click Verify, the status of the check item becomes Verifying.

    Verifying

    If you do not manually perform verification, Security Center automatically verifies the check item based on the detection interval specified in the policies.

    If the verification passes, the Status of the check item becomes Passed.