This topic describes how to configure alert rules by using CloudMonitor. If the trigger conditions of an alert rule are met, an SMS or email notification is sent. You can configure alert rules in the CloudMonitor console to monitor the status of log collection and shard usage and detect exceptions.
In the CloudMonitor console, choose Alarm Rules to the right of the Logstore. In the upper-right corner of the page that appears, click Create Alarm Rule .. On the page that appears, find the Logstore for which you want to configure alert rules and click
- Related Resource.
- Select a service for Product. Select Log Service.
- Select a resource range for Resource Range.
You can select All Resources or projectDimensions.
- All Resources: The alert rule is applicable to all resources of the specified service.
- Select projectDimensions: The alert rule is applicable to the selected projects.
- Select a region for Region.
- Select one or more projects for Project and one or more Logstores for Logstore .
- Set Alarm Rules.
You can configure one or more alert rules.
- Enter an alert rule name for Alarm Rule.
- Set Rule Description.
Select the monitoring metric and configure trigger conditions for the metric. If the configured threshold is exceeded, the alert is triggered and notifications are sent.
- Set alarm_type. The default value is Anyalarm_type.
- Set Mute for. This parameter specifies the mute period. If the alert is not cleared within the mute period, a new alert notification is sent when the mute period ends.
- Set Effective Period. This parameter specifies the period in which the alert rule takes effect.
- Set Notification Method.
- Set Notification Contact. Select a Contact Group to send notifications.
- Set Notification Methods. You can select the Warning or Info level. The notification methods vary based on the level.
- Set Email Subject and Email Remark. By default, the value of the Email Subject parameter is in the format of service name + metric name + instance ID.
- Set HTTP CallBack. Enter a URL that can be accessed from the public network. CloudMonitor uses the POST method to push the alert notification to this URL. Only the HTTP protocol is supported when notifications are sent to the specified URL.
Click Confirm. The alert rule configurations are completed.
- Monitor log collection status of Logtail
When Logtail is collecting log data, errors may occur because of incorrect Logtail configurations. For example, some log data cannot be collected due to format mismatch or a log file is repeatedly collected. To detect such errors in time, you can configure alert rules to monitor metrics such as the lines failed to be resolved and the number of errors.
You can configure alert rules for monitoring metrics as follows:
Select Lines failed to be resolved, Number of errors, or other monitoring metrics and configure the statistical cycle, statistical method, and other items. Then, you can detect errors that occur during log data collection in time.As shown in the following figure, if one or more lines fail to be resolved within 5 minutes, the alert is triggered.
- Monitor the resource usage of shards
You can write log data to a shard of a Logstore at a maximum speed of 5 MB/s or 500 times/s. If the write speed exceeds the capacity, Log Service tries to satisfy your requirements. Log Service may not meet your processing requirements, especially during peak hours. You can configure alerts for read/write data traffic of a Logstore to monitor the resource usage of shards. If you need to read or write a large volume of log data, more shards are required. You can increase the number of shards in the console.
- Set alerts for data traffic
Enter an alert rule name for Alarm Rule and select Size of Raw Data for Rule Description. Set the statistical cycle and method. For example, to trigger the alert when the raw data size is equal to or higher than 100 GB within 5 minutes, set5Minute ,Total , >=, and102400 .
- Set alerts for service status
Enter an alert rule name for Alarm Rule and select Service Status for Rule Description. Set the statistical cycle and method. For example, to trigger the alert when the 403 Forbidden error occurs one or more times within 5 minutes, set the alert shown in the following figure.
- Set alerts for data traffic
- Monitor the data traffic written to a project
By default, a maximum of 30 GB of raw data can be written to a project per minute. This limits the number of logs that may be generated if program errors occur. If the size of your raw log data requires a higher write speed than the limit, submit a ticket to increase the quota.
The following example shows how to monitor the speed of data writes to a project.As shown in the following figure, if the data written to a project is equal to or higher than 150 GB, the alert is triggered.