Amazon VPC Flow Logs in AWS (Amazon Web Services)
In this article,we will see create flow logs and store in Amazon S3 Bucket.
- low Logs enables you to capture information about the IP traffic going to and from network interfaces in your VPC.
- Flow log data is stored using Amazon CloudWatch Logs.
- After you’ve created a ﬂow log, you can view and retrieve its data in Amazon CloudWatch Logs.
You can create a ﬂow log for:
- Network Interface
Flow log format:
version account-id interface-id srcaddr dstaddr srcport dstport protocol packets bytes start end
action log- status.
First, we need to AWS Console page by using below link.
Click on sign in to Console button.
Logging to aws account
Provide username and password then click on sign in.
Enter to AWS Management Console
We can see the AWS Management Console Dashboard.
Go to Services, under the Networking & Content Delivery click VPC service to open.
Create Flow Logs
Go to your vpc’s,click on Create flow log in Flow Logs tab.
Create S3 Bucket
Click on create bucket.
In Region, Choose required region.
Click on Next.
Click on Next.
Make bucket to public
Unchecked Block all public access.
Go to Manage System permissions and choose Grant Amazon S3 Log Delivery group write access to this bucket then click on Next.
Verify all the details which has given by user then click on create bucket.
We can see the bucket “ktexpertsbucket”.
Copy S3 bucket ARN
Select bucket and copy bucket ARN.
Paste Bucket ARN in the S3 bucket ARN field and click on Create.
The flow log has been created successfully and click on close.
Launch Linux EC2 Instance
Check below link to Launch Linux EC2 Instance
It will take around 15 minutes to create flow logs.
Verify Flow logs
Go to S3 Bucket, click on bucket to open.
We can see AWSLogs these are belongs to Flow logs.
We can see Flow logs objects which were generated recently.
we can see all flow logs.
Thank you for giving your valuable time to read the above information.
Follow us on
Website : www.ktexperts.com
Facebook Page : KTexperts