This topic describes the alert rules for the security events of Cloud Firewall. You can configure and enable alert rules in the Simple Log Service console to trigger alerts to monitor the security events of Cloud Firewall. If an alert is triggered, you can identify the error cause and fix the error at the earliest opportunity.
Alert rules
The following alert rules are supported. For information about how to set alert parameters, configure whitelists, and perform other relevant operations, see Configure alerts.
Cloudfirewall Inflow Block Alarm
ID | sls_app_audit_secure_at_cfw_in_block |
Name | Cloudfirewall Inflow Block Alarm |
Version | 1 |
Type | Cloud Platform, Alicloud, Security Event, and Cloudfirewall Security Event |
Usage | Monitors the inbound traffic that is intercepted by Cloud Firewall. If the number of inbound traffic interception for an access protocol exceeds the specified threshold, an alert is triggered. |
Check Frequency | Fixed interval: 1 minute. |
Time Range | The data of the last 2 minutes is checked. |
Parameter Settings | You can specify the following parameters:
|
External Configurations | None. |
Solution | Check whether an exception occurs in the inbound traffic that is intercepted by the Cloud Firewall. |
Prerequisites | The Internet Access Log switch of Cloud Firewall is turned on. To turn on the switch, go to the Log Audit Service console, and then choose . |
Cloudfirewall Outflow Block Alert
ID | sls_app_audit_secure_at_cfw_out_block |
Name | Cloudfirewall Outflow Block Alert |
Version | 1 |
Type | Cloud Platform, Alicloud, Security Event, and Cloudfirewall Security Event |
Usage | Monitors the outbound traffic that is intercepted by Cloud Firewall. If the number of outbound traffic interceptions for an access protocol exceeds the specified threshold, an alert is triggered. |
Check Frequency | Fixed interval: 1 minute. |
Time Range | The data of the last 2 minutes is checked. |
Parameter Settings | You can specify the following parameters:
|
External Configurations | None. |
Solution | Check whether an exception occurs in the outbound traffic that is intercepted by the Cloud Firewall. |
Prerequisites | The Internet Access Log switch of Cloud Firewall is turned on. To turn on the switch, go to the Log Audit Service console, and then choose . |