turbot/alicloud
steampipe plugin install alicloud

Table: alicloud_security_center_field_statistics - Query Alibaba Cloud Security Center Field Statistics using SQL

Alibaba Cloud Security Center is a flagship security product that integrates both Server Guard and Threat Detection Service. It is a unified security management system that recognizes, analyzes, and alerts of security threats in real-time. This service provides a wide range of capabilities including visualized security monitoring, security alerting, and security protection capabilities to secure users' servers hosted on Alibaba Cloud.

Table Usage Guide

The alicloud_security_center_field_statistics table provides insights into the statistical data of different fields within Alibaba Cloud Security Center. As a security analyst, explore field-specific details through this table, including the number of alerts and vulnerabilities. Utilize it to uncover information about the fields, such as those with high alert rates, helping in identifying potential security threats.

Examples

Basic info

Analyze the settings to understand the distribution and status of assets in different regions on Alicloud Security Center. This helps in identifying regions with a high number of unprotected instances, thereby aiding in enhancing the overall security posture.

select
general_asset_count,
group_count,
important_asset_count,
instance_count,
unprotected_instance_count,
region
from
alicloud_security_center_field_statistics;
select
general_asset_count,
group_count,
important_asset_count,
instance_count,
unprotected_instance_count,
region
from
alicloud_security_center_field_statistics;

Schema for alicloud_security_center_field_statistics

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The Alicloud Account ID in which the resource is located.
category_countbigintThe number of assets category.
general_asset_countbigintThe number of general assets.
group_countbigintThe number of asset groups.
important_asset_countbigintThe number of important assets.
instance_countbigintThe total number of assets of the specified type.
new_instance_countbigintThe number of new servers.
not_running_status_countbigintThe number of inactive servers.
offline_instance_countbigintThe number of offline servers.
regiontextThe Alicloud region in which the resource is located.
region_countbigintThe number of regions to which the servers belong.
risk_instance_countbigintThe number of assets that are at risk.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
test_asset_countbigintThe number of test assets.
unprotected_instance_countbigintThe number of unprotected assets.
vpc_countbigintThe number of VPCs.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- alicloud

You can pass the configuration to the command with the --config argument:

steampipe_export_alicloud --config '<your_config>' alicloud_security_center_field_statistics