The baseline check feature supports whitelists. After you add a check item to the whitelist, Security Center no longer generates alerts for this item. If it is confirmed that a failed check item is a false positive, you can add it to the whitelist to ignore alerts. This topic describes how to add a check item to the whitelist.

Procedure

  1. Login Cloud security center console.
  2. In the left-side navigation pane, click Protection > Baseline Check.
  3. In the baseline list, click the name of the target baseline.View baseline check details
  4. Find the target check item and click View in the Actions column to view detected risks.
  5. On the At-Risk Items page, find the target check item and click Whitelist in the Actions column.Add a check item to the whitelist
    To add multiple check items to the whitelist at a time, select the target check items that are in the Failed status, and then click Whitelist in the lower-left corner.
  6. In the Reason for Ignore dialog box that appears, enter remarks for adding the check item to the whitelist. If you want to ignore alerts generated by the check item on all servers, select the Check whether batch processing is required. check box.Specify reasons to ignore the check item
    Remarks entered in the Reason for Ignore dialog box are displayed in the check item list. You can use remarks to trace and analyze baseline checks.
    Note Find the check item that has been added to the whitelist, and place the pointer over Ignored in the Status column. Remarks of the check item appear.View remarks of check items in the whitelist
  7. Click OK.

Result

After the check item is added to the whitelist, the check item is displayed on the last page of the check item list, and the status becomes Ignored.Status changes

What to do next

  • View check items that are in the whitelist.
    On the At-Risk Items page, select Ignored from the status drop-down list. Check items added to the whitelist are listed.View check items that are in the whitelist
  • Remove a check item from the whitelist

    If you want to enable alerts for a check item that already has been added to the whitelist, you can remove the check item from the whitelist.

    On the At-Risk Items page, find the target check item and click Remove in the Actions column. You can also select the target check item, and then click Remove in the lower-left corner to remove it from the whitelist.Remove a check item from the whitelist