Monitoring and logging are essential for ensuring the availability, operation, and health of your Elastic Compute Service (ECS) resources. Alibaba Cloud offers a suite of monitoring and log audit services, including CloudMonitor and Cloud Config, to facilitate real-time oversight of cloud resource usage and operational status, enabling prompt responses to abnormal alerts.
ECS instances and disks monitoring
You can monitor the vCPU utilization of ECS instances, the IOPS of disks, and throughput of disks in the ECS console. This monitoring data helps determine the health of ECS instances and facilitates rapid issue resolution.
For instance monitoring information, see View the monitoring information of an ECS instance.
For disk monitoring information, see View the monitoring data of a cloud disk and Analyze disks.
Monitor the health status of Alibaba Cloud services
We recommend that you keep track of the health status of your Alibaba Cloud resources so that you can handle exceptions at the earliest opportunity. For more information, visit Alibaba Cloud status.
On the Alibaba Cloud status page, you can check the health status of cloud services in each region, and subscribe to Really Simple Syndication (RSS) feeds about service exceptions.
CloudMonitor
ECS integrates Alibaba Cloud CloudMonitor. You can obtain the real-time monitoring metrics of cloud resources and Internet applications free of charge. CloudMonitor monitors the status of ECS resource usage and business exceptions in real time.
Enable alerting for key metrics of a cloud service
CloudMonitor allows you to enable alerting for ECS multiple key metrics with a few clicks. This way, you can build an alert system for your cloud service with high efficiency to obtain the overall resource usage and business operation status. For more information, see Enable the initiative alert feature.
Configure custom alert rules for metrics
You can configure alert rules for metrics. Alerts can be sent by using phone calls, text messages, emails, DingTalk chatbots, and the Alibaba Cloud app.
You can create an alert blacklist to block alerts for specific metrics. For more information, see Manage alert blacklists.
View monitoring information
CloudMonitor provides a default ECS monitoring dashboard, displaying ECS monitoring data. For more information, see View the monitoring dashboard of a cloud service.
View ECS instance and disk monitoring information in the and CloudMonitor console. For more information, see View instance monitoring information and View disk monitoring information.
Cloud Config
ECS integrates Alibaba Cloud Cloud Config. You can keep track of resource configuration changes and implement audits to ensure the continuous compliance of your cloud infrastructure free of charge.
Audit and record resource configuration changes
Cloud Config can audit the operations performed by your Alibaba Cloud account and all RAM users created by your Alibaba Cloud account. By default, configuration changes are recorded every 10 minutes.
Enable the compliance pre-check for CCSP 2.0
Cloud Config provides rules based on the specifications in Baseline for Classified Protection of Cybersecurity 2.0 (CCSP 2.0) and uses the rules to evaluate the compliance of resources. You can enable the compliance pre-check for CCSP 2.0 with a few clicks. The feature then continuously evaluates resource compliance. You can also download the compliance pre-check result and submit it to an inspection agency.
Query and analyze audit data in real time
You can deliver the historical configuration changes and non-compliant events of your resources to a Logstore of Simple Log Service. This way, you can query and analyze the logs in a centralized manner. For more information, see Deliver resource data to a Logstore of Simple Log Service.
ActionTrail
ECS integrates Alibaba Cloud ActionTrail. You can manage logs of all operations on cloud resources, record user logon and resource access actions, and implement security evaluation, intrusion detection, resource change tracking, and compliance audits.
ActionTrail can generate logs of cloud service access by using the Alibaba Cloud console, API operations, and developer tools. For information about the audit events, see Audit events of supported cloud services.
By default, ActionTrail tracks and retains events of the last 90 days. If you need to retain events for a longer period of time, you can create a trail to deliver events to Simple Log Service or OSS. For more information, see Create a trail.
After you create a trail to deliver events to a Logstore of Simple Log Service or an OSS bucket, you can query or analyze the events in the Simple Log Service or OSS console. For more information, see Query events in the Simple Log Service or OSS console.
Simple Log Service
ECS integrates Alibaba Cloud Simple Log Service (SLS). SLS can collect and process logs of operations on cloud services, service status, and business updates. SLS can also analyze logs in real time or deliver logs to other cloud services for monitoring and auditing. For more information, see Use the Operation Content and Result Delivery feature.
Flow logs and traffic mirroring
ECS supports the monitoring and analysis of network traffic through VPC flow logs and traffic mirroring, helping you with the access control rule verification, network traffic monitoring, and network issue troubleshooting. For more information, see Overview of flow logs and Overview of traffic mirroring.