All Products
Search

This Product

    Alibaba Cloud DNS:Enable or disable network traffic analysis

    Document Center

    Alibaba Cloud DNS:Enable or disable network traffic analysis

    Last Updated:Nov 18, 2025

    Overview

    The network traffic analysis service incurs log fees. For this reason, network traffic analysis is not enabled by default after you activate the PrivateZone service. You must enable it manually. If you have not enabled network traffic analysis, the console displays simulated data and prompts you to enable the service. When you click to enable the service, the system performs the following checks:

    • If you have not activated the PrivateZone service, you are redirected to the product activation page in a new browser window. For more information, see Activate the service.

    • If you have activated the PrivateZone service, a dialog box appears when you click the enable button, prompting you to go to the network traffic analysis settings page.

    If you have activated PrivateZone, the settings page appears when you click to enable the service. You can set the following parameters:

    Set the region or VPC for network traffic analysis: Select the region or VPC for which you want to analyze network traffic. After you enable the service, log data is collected for analysis.

    Note

    You can enable network traffic analysis only for your own VPCs. You cannot enable it for VPCs that belong to other associated or authorized accounts.

    Log storage service: If you have enabled network traffic analysis, you can also enable the log storage service. This service stores DNS resolution logs in Simple Log Service (SLS) for data analytics. To configure the storage rules, go to the SLS console. For more information, see Enable and manage log collection.

    Important

    • By default, log printing is enabled for all regions and VPCs for which network traffic analysis is enabled. You can also select specific regions or VPCs within this scope for log printing.

    • In SLS, you can configure log storage only for regions and VPCs for which network traffic analysis is enabled. Enabling the log storage service also enables the network traffic analysis service by default. If you disable network traffic analysis, the log storage service will not receive any log data.

    Enable or disable traffic analysis

    1. Go to the Alibaba Cloud DNS - Dashboard.

    2. On the Resolution Dashboard tab, click Private Zone.

    3. In the upper-right corner, click the switch to enable network traffic analysis.

      image

    4. In the Traffic Analysis Settings dialog box, fill out the form and click OK.

      image.png

    Disable traffic analysis

    1. Go to the Alibaba Cloud DNS - Dashboard.

    2. On the Resolution Dashboard tab, click Private Zone. On the page that appears, disable network traffic analysis.

      Warning

      If you have also enabled the private DNS log storage service in Simple Log Service (SLS), you must first disable private DNS log storage in the SLS console before you disable private DNS network traffic analysis. Otherwise, the log audit feature automatically detects and enables private DNS network traffic analysis for the VPC-connected instance. Even if you manually disable network traffic analysis in the Alibaba Cloud DNS console, the log audit feature reactivates it to ensure log collection. For more information, see Private DNS log collection.