Monitoring and logging-Virtual Private Cloud(VPC)-阿里云帮助中心

Alibaba Cloud provides a suite of monitoring and logging services that give you real-time visibility into your virtual private cloud (VPC) — from metric thresholds and configuration compliance to full packet capture and operation auditing.

Choose the right tool

Each service covers a distinct monitoring scenario:

Service	What it monitors	Best for
CloudMonitor	Metric thresholds (bandwidth, packet loss, IPAM usage)	Real-time alerting on traffic and IP address metrics
Alibaba Cloud Status	Health status of Alibaba Cloud services per region	Tracking service-level incidents and outages
Cloud Config	Resource configuration changes and compliance	Compliance auditing and configuration drift detection
ActionTrail	API calls and console operations under your account	Security analytics, intrusion detection, and audit trails
VPC flow logs	Inbound and outbound traffic metadata for elastic network interfaces (ENIs)	Network performance monitoring and cost optimization
Traffic mirroring	Full packet content from specified ENIs	Deep traffic inspection and threat monitoring

Troubleshooting

Self-service

The self-service troubleshooting feature for VPC helps you troubleshoot issues such as network connectivity for VPC-connected instances, connectivity between VPCs and external networks, billing issues, and insufficient resource quotas. It also provides recommended solutions. During the troubleshooting process, the feature may probe and diagnose your instances without affecting their configurations or your services.

Basic cloud monitoring

VPC integrates with CloudMonitor, a free service that tracks key metrics in real time.

Metric threshold alerts

Create threshold-based alert rules for VPC-related metrics to get notified as soon as a data anomaly occurs.

Subscribe to threshold events

When a metric crosses a threshold, CloudMonitor sends a notification to the configured alert contacts. Subscribe to threshold events to control how those notifications are delivered:

Noise reduction: Merge alerts by subscription scope and apply conditional filters to suppress repeated alerts and prevent alert storms.
Escalation: If an alert remains unresolved after a specified period, CloudMonitor automatically escalates the notification to the next alert contact group.
Custom notification channels: Define notification levels and templates for each channel. Push all alert data directly to Simple Message Queue (formerly MNS), Simple Log Service (SLS), Function Compute (FC), or webhooks.

Monitored metrics

Product	Metric type	Monitored metrics
VPC peering connection	Instance dimension	Inbound traffic within cycle, Outbound traffic within cycle, Packet loss rate due to network throttling, Inbound bandwidth, Outbound bandwidth
IPAM scope	Instance dimension	Number of compliant CIDR blocks in scope, Number of non-compliant CIDR blocks in scope, Number of ignored CIDR blocks in scope, Number of managed CIDR blocks in scope, Number of unmanaged CIDR blocks in scope, Number of non-overlapping CIDR blocks, Number of overlapping CIDR blocks, Number of subnet CIDR blocks, Number of VPC CIDR blocks
IPAM pool	Instance dimension	Overall pool usage, Sub-pool allocation usage, Resource allocation usage, Number of compliant CIDR blocks in the pool, Number of non-compliant CIDR blocks in the pool, Number of overlapping CIDR blocks in the pool, Number of non-overlapping CIDR blocks in the pool
IPAM resource (VPC)	Instance dimension	VPC usage, VPC IPv4 CIDR block usage, VPC IPv6 CIDR block usage
IPAM resource (vSwitch)	Instance dimension	Subnet usage, Subnet IPv4 CIDR block usage, Subnet IPv6 CIDR block usage

Alibaba Cloud Status page

The Alibaba Cloud Status page shows the real-time health of cloud resources across each region. Use it to spot service abnormalities quickly and subscribe to RSS feeds to receive status updates automatically.

Cloud Config

VPC integrates with Cloud Config, available as a free trial. Cloud Config tracks the configuration history of your cloud resources and runs continuous compliance checks, so you know immediately when something drifts out of compliance.

Configuration change detection: Cloud Config records operation events for your Alibaba Cloud account and all Resource Access Management (RAM) users. Configuration changes are captured every 10 minutes by default.
MLPS 2.0 pre-check: Enable the MLPS 2.0 pre-check feature with a single click. Cloud Config applies the corresponding compliance rules to your resource configurations continuously. Download the pre-check report to submit to an inspection agency.
Centralized log analysis: Deliver configuration history and non-compliant event data to a specified Logstore in SLS to query and analyze log data using SLS.

ActionTrail

VPC integrates with ActionTrail, which records user logon events and every operation performed under your Alibaba Cloud account — whether through the Alibaba Cloud Management Console, OpenAPI, or developer tools. Use ActionTrail for security analytics, intrusion detection, resource change tracking, and compliance auditing.

View audit events for VPC recorded by ActionTrail.
By default, events from the last 90 days are available. To retain logs beyond 90 days, create a trail to deliver events to SLS or Object Storage Service (OSS).
After delivery, query events in the SLS or OSS console.
Create a historical event delivery task to deliver past events to SLS.

Flow logs and traffic mirroring

Use these two services together for comprehensive network traffic visibility:

VPC flow logs collect metadata — inbound and outbound traffic information — for ENIs. Use flow logs to monitor network performance, troubleshoot faults, and optimize traffic costs.
VPC traffic mirroring copies traffic that matches filter conditions to and from a specified ENI to a security analysis device for real-time inspection. Traffic mirroring operates as a bypass solution and does not affect your service traffic.