Simple Log Service provides built-in alert monitoring rules in CloudLens for SLS. To monitor Simple Log Service in real time, you need to only configure an alert monitoring rule to generate an alert instance. Then, you can receive alert notifications such as DingTalk messages. This topic describes how to configure alerts.
Prerequisites
Log collection for important logs, detailed logs, run logs, and audit logs is enabled for a project. For more information, see Enable the log collection feature.
Background information
CloudLens for SLS provides alert monitoring rules such as the baseline alert monitoring rule, interval-valued comparison alert monitoring rule, and periodicity-valued comparison alert monitoring rule. You can use the alert monitoring rules to monitor the usage of resources such as projects, Logtail, and consumer groups. CloudLens for SLS supports different notification methods, such as text messages, DingTalk messages, emails, voice calls, and custom webhooks. You can enable an alert monitoring rule based on your business requirements. The following list describes the characteristics of each type of alerting monitoring rule:
Baseline alert monitoring rule: If the value of a metric is greater than or less than the threshold that you specify, an alert is triggered. For example, if the number of times that the project quota is exceeded is greater than 2, an alert is triggered.
Interval-valued comparison and periodicity-valued comparison alert monitoring rules: If the rate of change between the value within the current time period and the value of a historical time period exceeds or drops below the threshold that you specify, an alert is triggered. For example, if the growth rate of the number of Logtail collection errors on the current day exceeds 20% compared with the number of Logtail collection errors on the previous day, an alert is triggered.
Procedure
- Log on to the Log Service console.
In the Log Application section, click the Cloud Service Lens tab. Then, click CloudLens for SLS.
In the left-side navigation pane, click Anomaly Detection.
On the Alert Rules tab, click Create Alert or choose Create Alert > Create from Template. Configure the parameters in the panel that appears. For more information, see Create an alert rule for logs.
What to do next
On the Monitoring Rule page, you can perform the following operations.
Operation | Description |
Disable an alert instance | If you disable an alert instance, the status of the alert monitoring rule changes to Not Enabled, which is displayed in the Status column. Alerts are no longer triggered based on the alert monitoring rule. If you disable an alert instance, the parameter configurations of the alert monitoring rule are not deleted. If you want to enable the alert instance again, you do not need to reconfigure the parameters of the alert monitoring rule. |
Pause an alert instance | If you pause an alert instance, alerts are not triggered based on the alert monitoring rule within a specified period of time. |
Resume an alert instance | You can resume a paused alert instance based on your business requirements. |
Delete an alert instance | If you delete an alert instance, the status of the alert monitoring rule changes to Not Created, which is displayed in the Status column. If you delete an alert instance, the parameter configurations of the alert monitoring rule are also deleted. If you want to enable an alert instance again, you must reconfigure the parameters of the alert monitoring rule. |