This page covers common issues when integrating cloud services with Agentic SOC 2.0.
Do I need to enable Simple Log Service or log analysis feature before integrating a cloud service?
It depends on the service you're integrating:
Security Center: Logs generated by Security Center features are added to Agentic SOC by default. Do not enable the log analysis feature of Security Center.
Other Alibaba Cloud services: Enable the respective log service for each service before integrating it with Agentic SOC.
Why is my data source not editable?
Reason 1:
Cause: The data source is attached to an access policy that is currently enabled.
Fix: Temporarily disable the policy by following these steps:
On the Data Source tab, hover over the number under Reference Count to see which services reference this data source.
On the Service Integration tab, find the referencing service and click Access Settings. On the access settings page, turn off the enabling status.
Reason 2:
The current data source is automatically created after configuring cross-account access, and the cross-account access policy has not been deleted.
Even if the cross-account access policy is not enabled, the corresponding data source cannot be deleted. For more information about cross-account data sources, see Automatically created data sources for cross-account access.
Solution:
After confirming that you no longer need this log information, go to the Multi-account Access Settings configuration panel and cancel the member account log access configuration. For specific steps, see Remove Alibaba Cloud from the service provider list.
Why do I get an error when enabling an access policy?
Cause: The dataset (StoreView) linked to the standardization category/structure in your standardization rule is already bound to 5 access policies in scan query mode.
Fix: Change the standardization method of the current access policy to real-time consumption.
