Overview
Traffic analysis incurs fees for logs. When you activate Private DNS, traffic analysis is disabled by default. You must enable traffic analysis as needed. If you have not enabled traffic analysis, the system displays a message indicating that simulation data is displayed after you click Traffic Analysis Mode. You can click Enable to enable traffic analysis.
If you have not activated the Private DNS service, you are redirected to the service activation page. You must activate the Private DNS service first. For more information, see Activate Private DNS.
If you have activated the Private DNS service, the Traffic Analysis Settings dialog box appears after you click Enable.
You can perform the following settings in the Traffic Analysis Settings dialog box:
Specify regions or VPCs: Select the regions or VPCs for which you want to enable traffic analysis.
You can enable traffic analysis only for your own VPCs, but cannot enable traffic analysis for the VPCs that have been associated with authorized accounts.
Enable Simple Log Service (SLS): If you have enabled traffic analysis, you can activate the SLS service to store DNS logs. You can go to the SLS console to configure logging rules. For more information, see Enable and manage log collection.
By default, logs are printed for all regions and VPCs that have traffic analysis enabled. You can also select specific regions or VPCs to print logs.
You can store logs in SLS only for the regions and VPCs that have traffic analysis enabled. The prerequisite to store traffic analysis logs in SLS is that you have enabled traffic analysis. If you do not enable traffic analysis, no logs are stored in SLS.
Procedure
Enable traffic analysis
Log on to the Alibaba Cloud DNS console.
In the left-side navigation pane, click Private DNS (PrivateZone). On the page that appears, click Traffic Analysis Mode in the upper-right corner. In the Note dialog box, click Enable.
In the Traffic Analysis Settings dialog box, set the regions or VPCs for which you want to enable traffic analysis and the location for deploying log analysis servers, and then click OK.
Modify traffic analysis settings
Log on to the Alibaba Cloud DNS console.
In the left-side navigation pane, click Private DNS (PrivateZone). On the page that appears, click Traffic Analysis Mode in the upper-right corner and click Settings next to Enable Traffic Analysis.
In the Traffic Analysis Settings dialog box, modify the settings of regions, VPCs, and the location for deploying log analysis servers, and then click OK.
Disable traffic analysis
Log on to the Alibaba Cloud DNS console.
In the left-side navigation pane, click Private DNS (PrivateZone). On the page that appears, click Traffic Analysis Mode in the upper-right corner and turn off the switch before Enable Traffic Analysis.
In the Disable Confirmation message, click OK.
WarningIf you have enabled the log storage feature for Private DNS in the SLS console, you must disable the log storage feature before you disable the traffic analysis feature for Private DNS. Otherwise, Log Audit Service automatically detects and enables the traffic analysis feature of Private DNS for the VPC instance. In this case, if you manually disable the traffic analysis feature in the DNS console, Log Audit Service reactivates this feature to meet the collection requirements. For more information, see Additional fees for specific cloud services.