When you use a VPN gateway, CloudMonitor automatically monitors system events such as service failures, O&M events, and user service exceptions. This topic describes how to view system events in the CloudMonitor console and configure alert rules for system events.
Background information
CloudMonitor monitors the following system events when you use a VPN gateway. Each system event has a default severity level. You can specify a custom severity level for a system event when you create an alert rule.
- CRITICAL: critical We recommend that you handle such system events at the earliest opportunity.
- WARN: warning We recommend that you handle such system events based on your requirements.
- INFO: information You do not need to handle such system events.
For example, if the initial health check status of an IPsec-VPN connection is Failed due to wrong configurations, the health check failed system event does not occur. The health check success or health check failed system event occurs only when the health check status changes from Failed to Successful or from Successful to Failed. If you have configured alert rules for system events, you are notified of the system event.
| System event | Severity level | Description |
|---|---|---|
| The certificate expires | CRITICAL | The SSL certificate associated with a ShangMi (SM) VPN gateway has expired. |
| health check failed | WARN | In scenarios in which an IPsec-VPN connection is associated with a VPN gateway, the IPsec-VPN connection fails health checks. |
| health check success | INFO | In scenarios in which an IPsec-VPN connection is associated with a VPN gateway, the IPsec-VPN connection passes health checks. |
| Phase 1 negotiations fail | WARN | In scenarios in which an IPsec-VPN connection is associated with a VPN gateway, Phase 1 negotiations fail. |
| Phase 1 negotiations succeed | INFO | In scenarios in which an IPsec-VPN connection is associated with a VPN gateway, Phase 1 negotiations succeed. |
| Phase 2 negotiations fail | WARN | In scenarios in which an IPsec-VPN connection is associated with a VPN gateway, Phase 2 negotiations fail. |
| Phase 2 negotiations succeed | INFO | In scenarios in which an IPsec-VPN connection is associated with a VPN gateway, Phase 2 negotiations succeed. |
| The IPsec-VPN connection fails health checks | WARN | In scenarios in which an IPsec-VPN connection is associated with a transit router, the IPsec-VPN connection fails health checks. |
| The IPsec-VPN connection passes health checks | INFO | In scenarios in which an IPsec-VPN connection is associated with a transit router, the IPsec-VPN connection passes health checks. |
| Phase 1 negotiations fail | WARN | In scenarios in which an IPsec-VPN connection is associated with a transit router, Phase 1 negotiations fail. |
| Phase 1 negotiations succeed | INFO | In scenarios in which an IPsec-VPN connection is associated with a transit router, Phase 1 negotiations succeed. |
| Phase 2 negotiations fail | WARN | In scenarios in which an IPsec-VPN connection is associated with a transit router, Phase 2 negotiations fail. |
| Phase 2 negotiations succeed | INFO | In scenarios in which an IPsec-VPN connection is associated with a transit router, Phase 2 negotiations succeed. |
View system events of a VPN gateway
You can view system events of a VPN gateway in the CloudMonitor console.
- Log on to the CloudMonitor console.
- In the left-side navigation pane, choose .
- On the Event Monitoring tab, select VPN Gateway, select a severity level, an event name, and a time period, and then click Search.
- In the event list, you can view event information in the Event Level, Region, Resource, and Contents columns. You can also click Details in the Actions column to view the details about a system event. The information in the Event Details panel is in the JSON format.
Create an alert rule for a VPN gateway system event
We recommend that you create alert rules so that you can be notified in a timely manner when system events occur.
- Log on to the CloudMonitor console.
- In the left-side navigation pane, choose .
- On the System Event page, click the Event-triggered Alert Rules tab. Then, click Create Alert Rule.
- In the Create/Modify Event Alert panel, set the parameters and click OK. Select VPN Gateway in the Product Type section and set the other parameters. For more information about the other parameters, see Create a system event-triggered alert rule.After you create an alert rule, you can view it on the Event-triggered Alert Rules tab.
What to do next
If a system event occurs or you receive an alert notification, you can troubleshoot in the VPN Gateway console. For more information, see Troubleshoot IPsec-VPN connection issues.
References
For more information about system events of Alibaba Cloud services, see Overview.