Log Service allows you to use CloudMonitor to set alarm rules. An alarm SMS or email is sent when the service status meets the configured alarm rules. Configure the alarm rules to monitor Log Service in the CloudMonitor console. Then, you can monitor the log collection status of Logtail, shard usage status, and write traffic of projects.
On the CloudMonitor console, click xAlarm Rules at the right of the Logstore. Then, click Create Alarm Rule in the upper-right corner.click
- Configure the related resource.
- From the Products drop-down list, select Log Service.
- Select the resource range.
You can select All Resources, Application Group, or projectDimensions.
- All Resources – An alarm notification is sent when any instance in Log Service meets the alarm rules.
- Application Group - An alarm notification is sent when any instance in an application group meets the alarm rules.
- projectDimensions - An alarm notification is sent only when the selected instances meet the alarm rules.
- Select the region.
- Select one or more Projectand Logstore. You can select one or more projects and logstores.
- Set the alarm rules.
You can set one or more alarm rules.
- Enter the alarm rule name.
- Configure the rule description.
Define your monitoring policy here by selecting the monitoring item and configuring the threshold for the monitoring item. CloudMonitor sends an alarm notification when the threshold is exceeded.
- Select thealarm_type. By default, Any alarm_type is selected.
- Set the mute time , which is the time interval between two alarm notifications if the condition that triggers the alarm is still abnormal after an alarm notification is sent.
- Select a number from the Triggered when threshold is exceeded for drop-down list. The alarm is triggered after the threshold is exceeded for the selected number of times successively, that is, the alarm is triggered after the alarm detection results meet your configured rule description for the selected number of times successively.
- Select the effective period for your monitoring policy.The monitoring alarm policy only works within the selected period.
- Configure the notification method.
- Notification contact. Send a notification in the contact group level.
- Alarm level. Select Warningor Info as per your needs. Different levels have different notification methods.
- Notification subject and remark By default, the notification subject is the product name + monitoring item name + instance ID.
- HTTP callback. Enter a URL that can be accessed by the Internet. CloudMonitor pushes the alarm notification to this address by using the POST request. Currently, only HTTP protocol is supported.
Click Confirm after the configurations to complete the configuration of monitoring policy.
Monitor log collection status of Logtail
Errors may occur because of incorrect configurations when Logtail is running. For example, some log formats do not match or a log file is repetitively collected. For more information, see Basic questions of Logtail. To find such errors in time, you can monitor the metrics such as lines failed to be resolved and number of errors on Logtail.
The monitoring rule configuration is as follows:
Enter the alarm rule name and configure the rule description. Select Lines failed to be resolved or Number of errors as needed. Configure the rule items such as statistical period and method. You can also set alarm rules based on other errors of Logtail. Then, you can find the log collection errors in time.
Monitor shard usage status
Each shard in a Logstore provides the write capability of 5 MB/s (500 times per second), which is sufficient in most cases. When the capability limit is exceeded, Log Service attempts to serve (rather than deny) your requests, but does not guarantee the availability of data that exceeds the limit during peak hours. You can detect this situation by setting an alarm rule on Logstore outbound and inbound traffic. If your data volume is large and needs more shards, adjust the number of shards in the console in time.
Use the following solutions to set an alarm rule on Logstore traffic.
Solution 1: Set an alarm rule on traffic
Solution 2: Set an alarm rule on service status
Monitor write traffic of projects
By default, each project provides the write capability of 30 GB/min (the size of raw data), which is used to protect you from generating large amounts of logs because of program errors. In most cases, this write capability is sufficient. The capability limit may be exceeded if your log volume is large. Open a ticket to increase the value.
Configure the monitoring policy of project quota as described in the following figure.