Oracle Cloud Infrastructure Documentation

Listing OCI Targets and Getting Their Details

List existing OCI and Security Zone targets in Cloud Guardand view the detector and responder recipes used in monitoring resources.

Note

You can view the details of a Security Zone target in Cloud Guard. You must create and modify Security Zone targets in the OCI Security Zones application.
  • Note

    You can view the details of a Security Zone target in Cloud Guard. You must create and modify Security Zone targets in the OCI Security Zones application.
    1. Open the navigation menu and click Identity & Security. Under Cloud Guard, click Targets.

      The Targets page lists all targets currently defined.

      Note

      Initially, the list shows only what was specified in the Compartments to Monitor enablement option. If None was selected, this list is initially empty. See Steps to Enable Cloud Guard.
      The table provides the following information:
      • Target name: The name of the target, linked to the target details page.
      • Compartment: The compartment hierarchy to which the target is mapped.
      • Type: The specific type of target. Different target types differ in their details.

        OCI and Security Zone targets are so similar in their details that the instructions for managing OCI targets cover both.

      • Recipes: The number of recipes attached to the target.
      • Created: The date and time that the target was created.
    2. To ensure the page displays all available items in the list, under Scope, set the value of Compartment to the tenancy's root compartment and select Include child compartments.
    3. To filter the list, you can:
      • In the Filter by … name box at top right, enter a text string.

        Only names that contain that text that you type, anywhere in the name, now appear in the list.

      • Under Scope:
        • Select a different Compartment.
        • If you also want detector recipes attached to compartments below the selected compartment to appear in the list, select Include child compartments.
      • To filter the list by tags, follow these steps:
        1. To the right of Tag filters in the lower-left side of the page, click the add link.
        2. In the Apply tag filter dialog box, select a Tag namespace. If you want to manually enter a tag, select None (free-form tag).
        3. Select or enter a Tag key.
        4. For Tag value, select one of the following options:
          • Select Match any value if you want any tag value to count as a match.
          • Select Specify matching values and manually enter values, separated by commas, if you want only the values that you enter to count as a match.
          • To add more values for this tag, click the plus sign (+).
        5. Click Apply filter.
    4. Look for rows where the entry in the Type column is OCI or Security Zone.
    5. To view the details page for a specific item, click its link in the Target name column.
    6. To view the OCID for the item, click Show next to OCID on the Cloud Guard target information tab.

      For a Security Zone target, you can click the link next to Linked security zone to see the details for the associated security zone, in the Security Zone service. Use the browser's Back button to return to Cloud Guard.

    7. To view currently defined tags, click the Tags tab.
    8. To view the compartment hierarchy for a target, under Resources, click Configuration and then expand in the row in the Compartments list.
    9. To view detector recipes attached to the target:
      1. Under Resources on the left, click Detector recipes.
        A list of detector recipes attached to the target is displayed in the Detector recipes section.
      2. To view the rules in a detector recipe, click the link in the Recipe name column.

        The rules for the detector recipe are listed in the Detector rules section of the page that opens.

      3. To view summary information for a rule, click the Expand icon Image of Expand icon at the right end of its row.
      4. Use the browser Back button to return to the target details page.
    10. For Security Zone targets, to view the security zone recipe:
      1. Under Resources, click Security zone recipe.
      2. To view the policies in a security zone recipe, click the link in the Recipe name column.
      3. To copy the OCID of a policy statement, in the Actions menu Image of Action menu for the policy row, select Copy OCID.
      4. To view the associated security zones for the recipe, under Resources, click Associated Security Zones.
      5. Use the browser Back button to return to the Cloud Guard target details page.
    11. To view the responder recipe attached to the target:
      1. Under Resources, click Responder recipe.
        A list of responder recipes attached to the target is displayed in the Responder recipe section.
      2. To view the rules in a responder recipe, click the link in the Recipe name column.

        The rules for the responder recipe are listed in the Responder rules section of the page that opens.

      3. To see the Description and Conditional group information for a responder recipe rule, open its Actions menu Image of Action menu, and select Edit.

  • For a complete list of flags and variable options for CLI commands, see the Command Line Reference.

    Targets

    Use the oci cloud-guard target get command and required parameters to get a specific target:

    oci cloud-guard target get --target-id <target_ocid> [OPTIONS]

    Use the oci cloud-guard target list command and required parameters to list targets in a compartment:

    oci cloud-guard target list --compartment-id, -c <compartment_ocid> [OPTIONS]

    Target Detector Recipes

    Use the oci target-detector-recipe get command and required parameters to get a specific detector recipe for a target:

    oci cloud-guard target-detector-recipe get --target-detector-recipe-id <target_detector_recipe_ocid> --target-id <target_ocid> [OPTIONS]

    Use the oci cloud-guard target-detector-recipe list command and required parameters to list a target's detector recipes:

    oci cloud-guard target-detector-recipe list --compartment-id, -c <compartment_ocid>  --target-id <target_ocid> [OPTIONS]

    Target Detector Recipe Rules

    Use the oci target-detector-recipe-detector-rule get command and required parameters to get a specified detector rule, in a detector recipe that's attached to a target:

    oci cloud-guard target-detector-recipe-detector-rule get --detector-rule-id <detector_rule_id> --target-detector-recipe-id <recipe_ocid> --target-id <target_ocid> [OPTIONS]

    Use the oci target-detector-recipe-detector-rule list command and required parameters to list the detector rules in a detector recipe that's attached to a target:

    oci cloud-guard target-detector-recipe-detector-rule list --compartment-id, -c <compartment_ocid> --target-detector-recipe-id <detector_recipe_ocid> --target-id <target_ocid> [OPTIONS]

    Target Responder Recipes

    Use the oci target-responder-recipe get command and required parameters to get a responder recipe that's attached to a target:

    oci cloud-guard target-responder-recipe get --target-id <target_ocid> --target-responder-recipe-id <responder_recipe_ocid> [OPTIONS]

    Use the oci target-responder-recipe list command and required parameters to list the responder recipes that are attached to a target:

    oci cloud-guard target-responder-recipe list --compartment-id, -c <compartment_ocid> --target-id <target_ocid> [OPTIONS]

    Target Responder Recipe Rules

    Use the target-responder-recipe-responder-rule get command and required parameters to get a specified responder rule, in a responder recipe that's attached to a target:

    oci cloud-guard target-responder-recipe-responder-rule get --responder-rule-id <responder_rule_id> --target-id <target_ocid> --target-responder-recipe-id <responder_recipe_ocid> [OPTIONS]

    Use the target-responder-recipe-responder-rule list command and required parameters to list the responder rules in a responder recipe that's attached to a target:

    oci cloud-guard target-responder-recipe-responder-rule list --compartment-id, -c <compartment_ocid> --target-id <target_ocid> --target-responder-recipe-id <responder_recipe_ocid> [OPTIONS]

  • Targets

    Run the GetTarget operation to get a target.

    Run the ListTargets operation to list targets.

    Target Detector Recipes

    Run the GetTargetDetectorRecipe operation to get a specific detector recipe that's attached to a target.

    Run the ListTargetDetectorRecipes operation to list all the detector recipes that are attached to a target.

    Target Detector Recipe Rules

    Run the GetTargetDetectorRecipeDetectorRule operation to get a specific rule from a detector recipe that's attached to a target.

    Run the ListTargetDetectorRecipeDetectorRules operation to list all the detector rules from a detector recipe that's attached to a target.

    Target Responder Recipes

    Run the GetTargetResponderRecipe operation to get a specific responder recipe that's attached to a target.

    Run the ListTargetResponderRecipes operation to list all the responder recipes that are attached to a target.

    Target Responder Recipe Rules

    Run the GetTargetResponderRecipeResponderRule operation to get a specific responder rule from a responder recipe that's attached to a target.

    Run the ListTargetResponderRecipeResponderRules operation to list all the responder rules from a responder recipe that's attached to a target.