This topic describes how to configure alert rules for blackhole filtering events and traffic scrubbing events that occur on Anti-DDoS Pro or Anti-DDoS Premium in Cloud Monitor. After you configure the alert rules, the system informs you of the latest blackhole filtering events and traffic scrubbing events. This allows you to troubleshoot errors and restore workloads at the earliest opportunity.

Background information

Cloud Monitor is a service that allows you to monitor applications and Alibaba Cloud resources. The event monitoring feature of Cloud Monitor provides you with a centralized platform to query system events that are generated for Alibaba Cloud services and view event statistics.

You can query the blackhole filtering events and traffic scrubbing events that occur on Anti-DDoS Pro or Anti-DDoS Premium and create alert rules based on the event levels. When you create alert rules, you can configure notification methods such as text messages, emails, DingTalk, or alert callbacks. Cloud Monitor notifies you of critical events when they occur, which allows you to handle the events at the earliest opportunity. For more information, see Overview of event monitoring.

Procedure

  1. Log on to the Cloud Monitor console.
  2. Optional:Add an alert contact. If you have already specified a contact, you can skip this step.
    1. In the left-side navigation pane, choose Alerts > Alert Contacts.
    2. On the Alert Contacts tab, click Create Alert Contact.Create Alert Contact
    3. In the Set Alert Contact dialog box, enter the contact information, drag the slider for verification, and then click Save.Set Alert Contact
  3. Optional:Create an alert group. If you have already created an alert group, you can skip this step.
    Note The contacts of alert notifications must be alert groups. You can add one or more contacts to an alert group.
    1. In the left-side navigation pane, choose Alerts > Alert Contacts.
    2. On the Alert Contact Group tab, click Create Alert Contact Group.Create Alert Contact Group
    3. In the Create Alert Contact Group dialog box, enter a group name in the Group Name field. Select recipients from the Existing Contacts list and add them to the Selected Contacts list. Click OK.Create Alert Contact Group
  4. Create an alert rule for a cloud service.
    1. In the left-side navigation pane, click Event Monitoring.
    2. On the Alert Rules tab, select System Event and click Create Event Alert.Create Event Alert
    3. In the Create/Modify Event Alert panel, configure the parameters and click OK.Create/Modify Event Alert
      Section Parameter Description
      Basic Information Alarm Rule Name Enter the name of the alert rule.
      Event alert Event Type Select System Event.
      Product Type Select NewBGPDDoS (Anti-DDoS Pro) or ddosdip (Anti-DDoS Premium).
      Event Type Select the type of events for which you want to receive alerts. Valid values: Black hole and Traffic scrubbing. You can select multiple event types.
      Event Level Select the level of the event. Valid values:CRITICAL, WARN, and INFO. You can select multiple levels, and you must select CRITICAL.
      Event Name Select events for which you want to receive alerts. You can select multiple events.
      • If you set Product Type to NewBGPDDoS, blackhole filtering events include ddoscoo_event_blackhole_add and ddoscoo_event_blackhole_end. If you set Product Type to ddosdip, blackhole filtering events include ddosdip_event_blackhole_add and ddosdip_event_blackhole_end. All blackhole filtering events are critical.
      • If you set Product Type to NewBGPDDoS, traffic scrubbing events include ddoscoo_event_defense_add and ddoscoo_event_defense_end. If you set Product Type to ddosdip, traffic scrubbing events include ddosdip_event_defense_add and ddosdip_event_defense_end. All traffic scrubbing events are critical.
      Resource Range Select All Resources.
      Notification Method Alert Notification Select Alert Notification and configure Contact Group and Notification Method.
      • Contact Group: Select an existing contact group.
      • Notification Method: Select Warning (Message+Email ID+DingTalk Robot) or Info (Email ID+DingTalk Robot).

      You can click Add to add more contact groups and notification methods.

      MNS queue For this example, do not configure this parameter.
      Function service For this example, do not configure this parameter.
      URL callback For this example, do not configure this parameter.
      Log Service For this example, do not configure this parameter.
      The alert rule is created. When a blackhole filtering event or traffic scrubbing event occurs on Anti-DDoS Pro or Anti-DDoS Premium, the specified contact group receives an alert.
  5. Optional:Query events. You can query the recent blackhole filtering events and traffic scrubbing events on Anti-DDoS Pro or Anti-DDoS Premium in the Cloud Monitor console.
    1. On the Event Monitoring page, click the Query Event tab.
    2. Select System Event, select NewBGPDDoS or ddosdip, and then specify the event type and time range.Add a search condition
    3. In the event list, click View Details to view the details of an event.View Details