The baseline check feature supports whitelists. After you add a check item to the whitelist, Security Center no longer generates alerts for this item. If it is confirmed that a failed check item is a false positive, you can add it to the whitelist to ignore alerts. This topic describes how to add a check item to the whitelist.
- Login Cloud security center console.
- In the left-side navigation pane, click .
- In the baseline list, click the name of the target baseline.
- Find the target check item and click View in the Actions column to view detected risks.
- On the At-Risk Items page, find the target check item and click Whitelist in the Actions column.
To add multiple check items to the whitelist at a time, select the target check items that are in the Failed status, and then click Whitelist in the lower-left corner.
- In the Reason for Ignore dialog box that appears, enter remarks for adding the check item to the whitelist.
If you want to ignore alerts generated by the check item on all servers, select the
Check whether batch processing is required. check box.
Remarks entered in the Reason for Ignore dialog box are displayed in the check item list. You can use remarks to trace and analyze baseline checks.Note Find the check item that has been added to the whitelist, and place the pointer over Ignored in the Status column. Remarks of the check item appear.
- Click OK.
What to do next
- View check items that are in the whitelist.
On the At-Risk Items page, select Ignored from the status drop-down list. Check items added to the whitelist are listed.
- Remove a check item from the whitelist
If you want to enable alerts for a check item that already has been added to the whitelist, you can remove the check item from the whitelist.On the At-Risk Items page, find the target check item and click Remove in the Actions column. You can also select the target check item, and then click Remove in the lower-left corner to remove it from the whitelist.