This topic describes frequently asked questions and solutions for Agentic SOC 2.0.
Do I need to enable Simple Log Service or log analysis feature when integrating cloud services with Agentic SOC?
Logs generated by Security Center features are added to Agentic SOC by default. You do not need to enable the log analysis feature of Security Center.
For Alibaba Cloud services other than Security Center, you need to enable their respective log service before integrating them with Agentic SOC.
Why is the data source not editable?
The current data source is attached to an access policy and the access policy is enabled.
Solution: Follow these steps to temporarily disable the policy:
On the Data Source tab, hover your pointer over the number under Reference Count of the data source to view which services are referencing this data source.
On the Service Integration tab, find the referencing service, click Access Settings. On the access settings page, turn off the enabling status.
What do I do if I fail to enable access policy?
If you receive the following error when enabling an access policy:
Error cause:
The dataset (StoreView) corresponding to the standardization category/structure in the standardization rule bound to the current access policy has already been bound to 5 access policies in scan query mode.
Solution:
Change the standardization method of the current access policy to "real-time consumption."