You can add a check item of the baseline check feature to the whitelist. After you add the item to the whitelist, Security Center no longer generates alerts for this item. We recommend that you assess whether a risky item is a false positive before you add the risky item to the whitelist. This topic describes how to add a check item to the whitelist.
- Log on to the Security center console.
- In the left-side navigation pane, click .
- In the Baseline column, click the name of the target baseline.
- Find the asset and click View in the Actions column to view detected risky check items.
- On the At-Risk Items page, find the check item and click Whitelist in the Actions column.
To add multiple check items to the whitelist at a time, select target check items that are in the Failed status, and click Whitelist in the lower-left corner.
- In the Reason for Ignore dialog box, enter remarks for adding the check item to the whitelist. If you want
to ignore alerts related to this check item on all servers, select the check whether batch processing is required check box.
The remarks are displayed in the check item list. You can trace and analyze relevant issues based on the remarks.Note To view remarks of a check item that has been added to the whitelist, find the check item and move the pointer over Ignored in the Status column.
- Click OK.
After the check item is added to the whitelist, the check item is displayed on the last page of the check item list, and the status of the check item changes to Ignored.
- View check items that are in the whitelist.
To view check items that are in the whitelist, select Ignored from the drop-down list on the At-Risk Items page.
- Remove a check item from the whitelist.
If you want to enable alerts related to a check item that has already been added to the whitelist, you can remove the check item from the whitelist.On the At-Risk Items page, find the target check item and click Remove in the Actions column. You can also select the target check item, and click Remove in the lower-left corner to remove it from the whitelist.