alibabacloud-ddos-native-intercept-query
Installation
SKILL.md
DDoS Native Protection (Anti-DDoS Origin) Intercept Record Query
1. Scenario Description
This skill investigates why a protected IP is dropping traffic under Alibaba Cloud DDoS Native Protection (Anti-DDoS Origin), and attributes each intercept record back to a specific protection policy. It is read-only: no rules are created, modified, or deleted.
Typical applications:
- Query network-layer intercept records for a protection instance over a time window
- Investigate why a specific source IP is being dropped
- Locate the policy configuration (IP-specific or Port-specific Mitigation Policy, or default template) responsible for the drop
- Diagnose false-positive interceptions and produce remediation guidance (whitelist-first)
Architecture: