All Products
Search
Document Center

Simple Log Service:Server Load Balancer (SLB) operation compliance

Last Updated:Aug 25, 2023

This topic describes the alert rules for the compliance of Server Load Balancer (SLB) operations. The alert rules include SLB health check shutdown and SLB modification protection shutdown. You can configure and enable alert rules in the Simple Log Service console to monitor the compliance of SLB operations. If an alert is triggered, you can identify the compliance problems of SLB operations at the earliest opportunity.

Alert rules

The following alert rules are supported. For information about how to set alert parameters, configure whitelists, and perform other related operations, see Configure alerts.

SLB Modification Protection Shutdown Alert

ID

sls_app_audit_cis_at_slb_mod_protec

Name

SLB Modification Protection Shutdown Alert

Version

1

Type

Cloud Platform, Alicloud, CIS Standard, SLB Operation Compliance

Usage

Monitors whether the modification protection feature is disabled for Server Load Balancer (SLB) instances. The modification protection feature must be enabled for Server Load Balancer (SLB) instances. Otherwise, an alert is triggered.

Check Frequency

Fixed interval: 1 minute.

Time Range

The data of the last 2 minutes is checked.

Parameter Settings

Severity: Critical-10, High-8, Medium-6, Low-4, and Report-2. Default value: High-8

External Configurations

You can configure a whitelist of SLB instances whose modification protection feature can be disabled. If the modification protection feature is disabled for the SLB instances on the whitelist, no alert is triggered.

Solution

Enable the modification protection feature for the SLB instances that are not included in the whitelist.

Prerequisites

The Access Log switch next to API Gateway instance is turned on. To turn on the switch, go to the Log Audit Service page, and then choose Audit Configurations > Access to Cloud Products > Global Configurations.

SLB Health Check Shutdown Alert

ID

sls_app_audit_cis_at_slb_health_check

Name

SLB Health Check Shutdown Alert

Version

1

Type

Cloud Platform, Alicloud, CIS Standard, SLB Operation Compliance

Usage

Monitors whether the health check feature is disabled for Server Load Balancer (SLB) instances. The health check feature must be enabled for Server Load Balancer instances. Otherwise, an alert is triggered.

Check Frequency

Fixed interval: 1 minute.

Time Range

The data of the last 2 minutes is checked.

Parameter Settings

Severity: Critical-10, High-8, Medium-6, Low-4, and Report-2. Default value: High-8

External Configurations

You can configure a whitelist of SLB instances whose health check feature can be disabled. If the health check feature is disabled for the SLB instances on the whitelist, no alert is triggered.

Solution

Enable the health check feature for the SLB instances that are not included in the whitelist.

Prerequisites

The Access Log switch next to API Gateway instance is turned on. To turn on the switch, go to the Log Audit Service page, and then choose Audit Configurations > Access to Cloud Products > Global Configurations.