This topic describes how to create rules to alert on black hole events and scrubbing events on Anti-DDoS Pro & Premium in the CloudMonitor console. The alerts can keep you informed of the latest black hole events and scrubbing events and allow you to troubleshoot errors and restore workloads as early as possible.

Background information

CloudMonitor is a service to monitor applications and Alibaba Cloud resources. The event monitoring feature of CloudMonitor provides you with a centralized platform to query and summarize the system events on cloud services. This allows you to track the use of cloud resources.

You can query the black hole events and scrubbing events on Anti-DDoS Pro & Premium and create alert rules based on the event level. You can receive notifications or configure alert callbacks through text messages, emails, or DingTalk. CloudMonitor notifies you of critical events at the earliest opportunity. This allows you to handle the events in time. For more information, see An overview of event monitoring.

Procedure

  1. Log on to the CloudMonitor console.
  2. Optional:Add an alert recipient. If you have already specified a recipient, you can skip this step.
    1. In the left-side navigation pane, choose Alarms > Alarm Contacts.
    2. On the Alarm Contacts tab, click Create Alarm Contact in the upper-right corner.Add a recipient
    3. In the Set Alarm Contact dialog box that appears, enter the required contact information. Verify the Phone or Email ID, and then click Save.Specify contact information
      The alert recipient is saved.
  3. Optional:Create an alert contact group. If you have already created an alert contact group, you can skip this step.
    Note The recipients of alert notifications must be contact groups. You can add one or more recipients to a contact group.
    1. In the left-side navigation pane, choose Alarms > Alarm Contacts.
    2. On the Alarm Contact Group tab, click Create Alarm Contact Group in the upper-right corner.Create a contact group
    3. In the Create Alarm Contact Group dialog box that appears, enter a group name in the Group Name field. Select recipients from the left-side Existing Contacts list and add them to the right-side Selected Contacts list. Click OK.Specify contact information
      The contact group is created.
  4. Create an event alert rule for a cloud service.
    1. In the left-side navigation pane, click Event Monitoring.
    2. On the Alarm Rules tab, select System Event, and click Create Event Alert.Create an event alert rule
    3. In the Create/Modify Event Alert pane, configure the alert rule, and click OK. The parameters are described as follows.
      Module Parameter Description
      Basic Information Alarm Rule Name Enter the name of the alert rule.
      Event alert Event Type Select System Event.
      Product Type Select NewBGPDDoS (indicates Anti-DDoS Pro) or ddosdip (indicates Anti-DDoS Premium).
      Event Type Select the type of the events to alert on. Valid values include Black hole and Traffic scrubbing. You can select multiple event types.
      Event Level Select the level of events to alert on. Valid values include CRITICAL, WARN, and INFO. You can select multiple levels and must select CRITICAL.
      Event Name Select one or more events to alert on.
      • Black hole events include In black hole and Black hole ended. All black hole events are critical.
      • Traffic scrubbing events include Scrubbing and Scrubbing ended. All scrubbing events are critical.
      Resource Range Select All Resources.
      Alarm Type Alert Notification Select Alert Notification. Select a Contact Group and a Notification Method.
      • Contact Group: Select an existing contact group.
      • Notification Method: Select Warning (Message+Email ID+DingTalk Robot) or Info (Email ID+DingTalk Robot).

      You can click Add to add more contact groups and notification methods.

      MNS queue This option is not required.
      Function service This option is not required.
      URL callback This option is not required.
      Log Service This option is not required.
      Create/Modify Event Alert
      The alert rule is created. When a black hole event or traffic scrubbing event occurs on Anti-DDoS, the specified contact group receives an alert.
  5. Optional:Query events. You can query the recent black hole events and scrubbing events on Anti-DDoS in the CloudMonitor console.
    1. On the Event Monitoring page, click the Query Event tab.
    2. Select System Event and NewBGPDDoS (indicates Anti-DDoS Pro) or ddosdip (indicates Anti-DDoS Premium), and specify the event type and time period.Conditions
    3. In the event list, click View Details to view the details of an event.View details