Skip to content

Alibaba Cloud DDoS New BGP High Defense

The displayed Metrics of Alibaba Cloud DDoS New BGP High Defense include attack protection capability, cleaning capability, response time, and reliability. These Metrics reflect the performance and credibility of the New BGP High Defense service when dealing with large-scale DDoS attacks.

Configuration

Install Func

It is recommended to enable the Guance integration - Expansion - DataFlux Func (Automata): all prerequisites will be automatically installed. Please continue with the script installation.

If you deploy Func yourself, refer to Self-deployed Func

Installation Script

Note: Please prepare an Alibaba Cloud AK that meets the requirements in advance (for simplicity, you can directly grant global read-only permission ReadOnlyAccess) Note: Before using this collector, you must install the "Guance Integration Core Package" and its corresponding third-party dependency packages.

To synchronize the monitoring data of DDoS cloud resources, we install the corresponding collection script: "Guance Integration (Alibaba Cloud-DDoS High Defense Collection)" (ID: guance_aliyun_ddoscoo)

After clicking 【Install】, enter the corresponding parameters: Alibaba Cloud AK, Alibaba Cloud account name.

Click 【Deploy Startup Script】, and the system will automatically create a Startup script set and automatically configure the corresponding startup script.

After enabling, you can see the corresponding automatic trigger configuration in "Manage / Automatic Trigger Configuration". Click 【Execute】 to immediately execute once without waiting for the regular time. After a short wait, you can view the execution task records and corresponding logs.

We default collect some configurations, details are shown in the Metrics section.

Customize Cloud Object Metrics

Verification

  1. In "Manage / Automatic Trigger Configuration", confirm whether the corresponding task has the corresponding automatic trigger configuration, and at the same time, you can check the corresponding task records and logs to check for any abnormalities.
  2. On the Guance platform, under "Infrastructure / Custom", check if there is asset information.
  3. On the Guance platform, under "Metrics", check if there are corresponding monitoring data.

Metrics

After configuring Alibaba Cloud - Cloud Monitoring, the default Measurement set is as follows, and more Metrics can be collected through configuration. Alibaba Cloud Cloud Monitoring Metrics Details

MetricName Description Unit Dimensions
Active_connection Number of active connections count userId,InstanceId,ip
AttackTraffic Attack traffic on high defense IP bit/s userId,InstanceId,ip
Back_Traffic Backsource traffic on high defense IP bit/s userId,InstanceId,ip
In_Traffic Incoming traffic on high defense IP bit/s userId,InstanceId,ip
Inactive_connection Number of inactive connections count userId,InstanceId,ip
New_connection Number of new connections count userId,InstanceId,ip
Out_Traffic Outgoing traffic on high defense IP bit/s userId,InstanceId,ip
qps QPS countS userId,InstanceId,ip
qps_ratio_down QPS decrease rate % userId,InstanceId,ip
qps_ratio_up QPS growth rate % userId,InstanceId,ip
resp2xx 2XX status code count userId,InstanceId,ip
resp2xx_ratio Proportion of 2XX status codes % userId,InstanceId,ip
resp3xx 3XX status code count userId,InstanceId,ip
resp3xx_ratio Proportion of 3XX status codes % userId,InstanceId,ip
resp404 404 status code count userId,InstanceId,ip
resp404_ratio Proportion of 404 status codes % userId,InstanceId,ip
resp4xx 4XX status code count userId,InstanceId,ip
resp4xx_ratio Proportion of 4XX status codes % userId,InstanceId,ip
resp502 502 status code count userId,InstanceId,ip
resp503 503 status code count userId,InstanceId,ip
resp504 504 status code count userId,InstanceId,ip
resp5xx 5XX status code count userId,InstanceId,ip
resp5xx_ratio Proportion of 5XX status codes % userId,InstanceId,ip
upstream_resp2xx 2XX backsource status code count userId,InstanceId,ip
upstream_resp2xx_ratio Proportion of 2XX backsource status codes % userId,InstanceId,ip
upstream_resp3xx 3XX backsource status code count userId,InstanceId,ip
upstream_resp3xx_ratio Proportion of 3XX backsource status codes % userId,InstanceId,ip
upstream_resp4xx 4XX backsource status code count userId,InstanceId,ip
upstream_resp4xx_ratio Proportion of 4XX backsource status codes % userId,InstanceId,ip
upstream_resp5xx 5XX backsource status code count userId,InstanceId,ip
upstream_resp5xx_ratio Proportion of 5XX backsource status codes % userId,InstanceId,ip
upstream_resp404 404 backsource status code count userId,InstanceId,ip
upstream_resp404_ratio Proportion of 404 backsource status codes % userId,InstanceId,ip

Objects

The object data structure of the collected Alibaba Cloud DDoS New BGP High Defense objects can be seen in "Infrastructure - Custom".

{
  "measurement": "aliyun_ddoscoo",
  "tags": {
    "name"      : "rg-acfm2pz25js****",
    "InstanceId": "rg-acfm2pz25js****",
    "RegionId"  : "cn-hangzhou",
    "Status"    : "1",
    "Edition"   : "9",
    "IpVersion" : "Ipv4",
    "Enabled"   : "1"
  },
  "fields": {
    "ExpireTime": "1637812279000",
    "CreateTime": "1637812279000",
    "message"   : "{Instance JSON data}"
  }
}

Feedback

Is this page helpful? ×