||Cloudfirewall Outflow Block Alert
||Cloud Platform, Alicloud, Security Event, and Cloudfirewall Security Event
||Monitors the outbound traffic that is intercepted by Cloud Firewall. If the number of outbound traffic interceptions for an access protocol exceeds the specified threshold, an alert is triggered.
||Fixed interval: 1 minute.
||The data of the last 2 minutes is checked.
||You can specify the following parameters:
- Alert Name: The name of the alert. You can create multiple alerts.
- Severity: The severity level of the alert. Valid values: Critical-10, High-8, Medium-6, Low-4, and Report-2.
- Threshold: The threshold for the number of times outbound traffic is intercepted. Default value: 10. If the number exceeds the threshold within 2 minutes, an alert is triggered.
- Account ID (Aliuid): The ID of the Alibaba Cloud account that you want to monitor. You can use regular expressions when you specify this parameter.
- You can separate multiple IDs with vertical bars (|). You can also use wildcards for the regular expressions, such as
.*. For example, 156133.* indicates that Alibaba Cloud accounts that start with 156133 are monitored.
- Default value:
.*. This indicates all Alibaba Cloud accounts configured in the Log Audit Service application are monitored.
- Access Protocol Name: The name of the access protocol to be monitored. You can use regular expressions when you specify this parameter.
- You can also use wildcards for the regular expressions, such as
- Default value:
.*. This indicates that all access protocols under the specified Alibaba Cloud account are monitored.
||Check whether an exception occurs in the outbound traffic that is intercepted by the Cloud Firewall.
||The Internet Access Log switch of Cloud Firewall is turned on. To turn on the switch, go to the Log Audit Service console, and then choose .