All Products
Search
Document Center

Elastic Compute Service:Monitoring and logging

Last Updated:Sep 19, 2024

Monitoring and logging are essential for ensuring the availability, operation, and health of your Elastic Compute Service (ECS) resources. Alibaba Cloud offers a suite of monitoring and log audit services, including CloudMonitor and Cloud Config, to facilitate real-time oversight of cloud resource usage and operational status, enabling prompt responses to abnormal alerts.

ECS instances and disks monitoring

You can monitor the vCPU utilization of ECS instances, the IOPS of disks, and throughput of disks in the ECS console. This monitoring data helps determine the health of ECS instances and facilitates rapid issue resolution.

Monitor the health status of Alibaba Cloud services

We recommend that you keep track of the health status of your Alibaba Cloud resources so that you can handle exceptions at the earliest opportunity. For more information, visit Alibaba Cloud status.

On the Alibaba Cloud status page, you can check the health status of cloud services in each region, and subscribe to Really Simple Syndication (RSS) feeds about service exceptions.

image..png

CloudMonitor

ECS integrates Alibaba Cloud CloudMonitor. You can obtain the real-time monitoring metrics of cloud resources and Internet applications free of charge. CloudMonitor monitors the status of ECS resource usage and business exceptions in real time.

Enable alerting for key metrics of a cloud service

CloudMonitor allows you to enable alerting for ECS multiple key metrics with a few clicks. This way, you can build an alert system for your cloud service with high efficiency to obtain the overall resource usage and business operation status. For more information, see Enable the initiative alert feature.

Configure custom alert rules for metrics

You can configure alert rules for metrics. Alerts can be sent by using phone calls, text messages, emails, DingTalk chatbots, and the Alibaba Cloud app.

You can create an alert blacklist to block alerts for specific metrics. For more information, see Manage alert blacklists.

View monitoring information

Cloud Config

ECS integrates Alibaba Cloud Cloud Config. You can keep track of resource configuration changes and implement audits to ensure the continuous compliance of your cloud infrastructure free of charge.

Audit and record resource configuration changes

Cloud Config can audit the operations performed by your Alibaba Cloud account and all RAM users created by your Alibaba Cloud account. By default, configuration changes are recorded every 10 minutes.

Enable the compliance pre-check for CCSP 2.0

Cloud Config provides rules based on the specifications in Baseline for Classified Protection of Cybersecurity 2.0 (CCSP 2.0) and uses the rules to evaluate the compliance of resources. You can enable the compliance pre-check for CCSP 2.0 with a few clicks. The feature then continuously evaluates resource compliance. You can also download the compliance pre-check result and submit it to an inspection agency.

Query and analyze audit data in real time

You can deliver the historical configuration changes and non-compliant events of your resources to a Logstore of Simple Log Service. This way, you can query and analyze the logs in a centralized manner. For more information, see Deliver resource data to a Logstore of Simple Log Service.

ActionTrail

ECS integrates Alibaba Cloud ActionTrail. You can manage logs of all operations on cloud resources, record user logon and resource access actions, and implement security evaluation, intrusion detection, resource change tracking, and compliance audits.

ActionTrail can generate logs of cloud service access by using the Alibaba Cloud console, API operations, and developer tools. For information about the audit events, see Audit events of supported cloud services.

By default, ActionTrail tracks and retains events of the last 90 days. If you need to retain events for a longer period of time, you can create a trail to deliver events to Simple Log Service or OSS. For more information, see Create a trail.

After you create a trail to deliver events to a Logstore of Simple Log Service or an OSS bucket, you can query or analyze the events in the Simple Log Service or OSS console. For more information, see Query events in the Simple Log Service or OSS console.

Simple Log Service

ECS integrates Alibaba Cloud Simple Log Service (SLS). SLS can collect and process logs of operations on cloud services, service status, and business updates. SLS can also analyze logs in real time or deliver logs to other cloud services for monitoring and auditing. For more information, see Use the Operation Content and Result Delivery feature.

Flow logs and traffic mirroring

ECS supports the monitoring and analysis of network traffic through VPC flow logs and traffic mirroring, helping you with the access control rule verification, network traffic monitoring, and network issue troubleshooting. For more information, see Overview of flow logs and Overview of traffic mirroring.