Archive for July, 2017

In one of the previous posts we created a custom VPC; now we'll capture the traffic entering our VPC.

Flow Logs enable us to capture information about the IP traffic going to and from network interfaces in a VPC. Flow log data is stored using Amazon CloudWatch Logs.

In the console, go to Services > Networking & Content Delivery > VPC.

Under Your VPCs, select your VPC and, from the Actions menu, click Create Flow Log.

We need to create an IAM role that allows the VPC to interact with CloudWatch. Click “Set Up Permissions”.

Now we need to create the destination log group. Under Management Tools, click CloudWatch.

Log groups define groups of log streams that share the same retention, monitoring, and access control settings.

Click Logs, then Create Log Group.

Now select your VPC again and, from the Actions menu, click Create Flow Log. Click on any empty field, select the Role and the Destination Log Group, and click Create Flow Log.

Creating Log Streams

A log stream represents the sequence of events coming from the application instance or resource being monitored.

From CloudWatch, click Logs, then click on the log group.

Click Create Log Stream.

Generate some traffic (refresh the page).

After a few minutes we'll see our log stream.

Click on it and you'll see the captured traffic.