
Virtual Private Cloud: Monitoring and logging

Last Updated: Sep 13, 2023

You can use monitoring and logging services to monitor the health status of the resources in your virtual private clouds (VPCs), which helps ensure the availability and stability of those resources. Alibaba Cloud provides a variety of monitoring and auditing services, such as CloudMonitor and Cloud Config. These services collect monitoring data, monitor resource usage and service performance in real time, generate alerts, and notify you of anomalies.

Monitor the health status of Alibaba Cloud services

We recommend that you keep track of the health status of your Alibaba Cloud resources so that you can handle exceptions at the earliest opportunity. For more information, visit Alibaba Cloud status.

On the Alibaba Cloud Resource Healthiness Updates page, you can check the health status of every service in each region, and find the methods to subscribe to Really Simple Syndication (RSS) feeds about service exceptions.

Cloud Config

VPC is integrated with Cloud Config, which provides a free trial. You can use Cloud Config to track the configuration history of your cloud resources and configure compliance auditing. This ensures the compliance of your infrastructure resources.

Audit and record resource configuration changes

Cloud Config can audit the operations performed by your Alibaba Cloud account and all RAM users created by your Alibaba Cloud account. By default, configuration changes are recorded every 10 minutes.

Enable the compliance pre-check for CCSP 2.0

Cloud Config provides rules based on the specifications in Baseline for Classified Protection of Cybersecurity 2.0 (CCSP 2.0) and uses the rules to evaluate the compliance of resources. You can enable the compliance pre-check for CCSP 2.0 with a few clicks. The feature then continuously evaluates resource compliance. You can also download the compliance pre-check result and submit it to an inspection agency.

Query and analyze audit data in real time

You can deliver the historical configuration changes and non-compliant events of your resources to a Logstore of Simple Log Service. This way, you can query and analyze the logs in a centralized manner. For more information, see Deliver resource data to a Log Service Logstore.

ActionTrail

VPC is integrated with ActionTrail, which can monitor and record the operations performed by Alibaba Cloud accounts. In addition, ActionTrail can analyze security risks, detect intrusions, track changes, and perform compliance auditing.

ActionTrail logs access to cloud services that is made through the Alibaba Cloud console, API operations, and developer tools. For more information about the events supported by ActionTrail, see Audit events of VPC.

By default, ActionTrail tracks and retains events from the last 90 days. If you need to retain events for a longer period of time, create a trail to deliver events to Log Service or OSS. For more information, see Getting Started.

After you create a trail to deliver events to a Logstore of Simple Log Service or an OSS bucket, you can query or analyze the events in the Simple Log Service or OSS console. For more information, see Query events in the Log Service or OSS console.

If you want to track historical events, you can create a historical event delivery task to deliver data to Log Service. For more information, see Create a historical event delivery task.

Flow log management

VPC provides the flow log feature. The feature records information about inbound and outbound traffic of an elastic network interface (ENI). You can check access control rules, monitor network traffic, and troubleshoot network errors based on the flow logs. For more information about flow logs, see Overview of flow logs.

When you enable the flow log feature, you need to log on to the Log Service product page to activate Log Service. For more information, see Create and manage flow logs.
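
The following is an added example, not code from the Alibaba Cloud documentation, of using flow log records to check access control rules: it totals rejected inbound packets per ENI and port, and lists inbound flows that were accepted on ports outside an intended allow-list. The one-record-per-line JSON layout, the field names, and the sample values are constructed assumptions.

```python
import json
from collections import Counter

# Constructed sample export, one JSON record per line. The field names
# (eni-id, direction, srcaddr, dstport, action, packets) are assumptions;
# map them to the fields in your own flow log Logstore.
SAMPLE = """\
{"eni-id": "eni-example-a", "direction": "in", "srcaddr": "203.0.113.7", "dstport": 22, "action": "REJECT", "packets": 3}
{"eni-id": "eni-example-a", "direction": "in", "srcaddr": "198.51.100.20", "dstport": 443, "action": "ACCEPT", "packets": 12}
{"eni-id": "eni-example-a", "direction": "in", "srcaddr": "198.51.100.33", "dstport": 3306, "action": "ACCEPT", "packets": 5}
{"eni-id": "eni-example-a", "direction": "out", "srcaddr": "10.0.1.5", "dstport": 443, "action": "ACCEPT", "packets": 9}
truncated-line-without-json
{"eni-id": "eni-example-a", "direction": "in", "srcaddr": "203.0.113.7", "dstport": 22, "action": "REJECT", "packets": 2}
"""

def parse_records(text):
    """Return the JSON records in text, skipping blank or malformed lines."""
    records = []
    for line in text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(rec, dict):
            records.append(rec)
    return records

def rejected_inbound(records):
    """Packets rejected inbound, keyed by (ENI, destination port)."""
    counts = Counter()
    for r in records:
        if r.get("direction") == "in" and r.get("action") == "REJECT":
            counts[(r.get("eni-id"), r.get("dstport"))] += r.get("packets", 0)
    return counts

def unexpected_accepts(records, allowed_ports):
    """Inbound flows accepted on ports outside the intended allow-list,
    which points at an access control rule broader than intended."""
    return sorted({
        (r.get("eni-id"), r.get("srcaddr"), r.get("dstport"))
        for r in records
        if r.get("direction") == "in" and r.get("action") == "ACCEPT"
        and r.get("dstport") not in allowed_ports
    })

if __name__ == "__main__":
    recs = parse_records(SAMPLE)
    print(dict(rejected_inbound(recs)))
    print(unexpected_accepts(recs, allowed_ports={443}))
```

A high reject count on a port you intended to open suggests a rule that blocks legitimate traffic, while any entry from `unexpected_accepts` suggests a rule that should be tightened.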

You can use flow logs to monitor traffic in the following scenarios:

Traffic mirroring

You can use the traffic mirroring feature to mirror packets that pass through an ENI and that meet specific filter conditions. The traffic mirroring feature mirrors network traffic from an ECS instance in a VPC and forwards the traffic to a specified ENI or an internal-facing Classic Load Balancer (CLB) instance. You can use this feature in scenarios such as content inspection, threat monitoring, and troubleshooting. For more information about traffic mirroring, see Overview of traffic mirroring.

If you use the traffic mirroring feature for the first time, log on to the Traffic Mirroring page to enable the traffic mirroring feature. For more information, see Create and manage traffic mirroring sources.