alibabacloud-ddos-native-intercept-query

Installation
SKILL.md

DDoS Native Protection (Anti-DDoS Origin) Intercept Record Query

1. Scenario Description

This skill investigates why a protected IP is dropping traffic under Alibaba Cloud DDoS Native Protection (Anti-DDoS Origin), and attributes each intercept record back to a specific protection policy. It is read-only: no rules are created, modified, or deleted.

Typical applications:

  • Query network-layer intercept records for a protection instance over a time window
  • Investigate why a specific source IP is being dropped
  • Locate the policy configuration (IP-specific or Port-specific Mitigation Policy, or default template) responsible for the drop
  • Diagnose false-positive interceptions and produce remediation guidance (whitelist-first)

Architecture:

Installs
32
GitHub Stars
176
First Seen
May 27, 2026
alibabacloud-ddos-native-intercept-query — aliyun/alibabacloud-aiops-skills