Amazon VPC Flow Logs

Posted: July 10, 2017 in Amazon Web Services (AWS), Linux

In one of the previous posts we created a custom VPC; now we'll capture the traffic entering and leaving it.

Flow Logs lets us capture information about the IP traffic going to and from the network interfaces in a VPC. Flow log data is stored in Amazon CloudWatch Logs. Note that a flow log records connection metadata (addresses, ports, protocol, packet and byte counts, and whether the traffic was accepted or rejected by the security groups and network ACLs), not packet contents.

Go to Services, then Networking & Content Delivery, and click VPC.

In the left menu click Your VPCs.

Select your VPC and, from the Actions menu, click Create Flow Log.

We need to create an IAM role that lets the flow logs service write to CloudWatch Logs; click "Set Up Permissions". The role's trust policy should allow only the vpc-flow-logs.amazonaws.com service to assume it, and the role only needs the CloudWatch Logs actions required to create log streams and put log events, nothing broader.

 


 

Now we need to create the destination log group. Under Management Tools, click CloudWatch.

Log groups define groups of log streams that share the same retention, monitoring, and access control settings. Set a retention period on the group: the default is to never expire, and flow logs grow quickly on a busy VPC.

 

Click Logs, then Create Log Group, and give the group a name.

 

Now select your VPC again and, from the Actions menu, click Create Flow Log. Click any empty field so the choices load, select the Role and the Destination Log Group created above, and click Create Flow Log.
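The same three pieces (delivery role, log group, flow log) can be created without the console. The following is an added example, not code from the original post: it uses boto3, takes the VPC id, role name, log group name and region as caller-supplied placeholders, and scopes the write actions to the one log group ARN, which is a tightening of the policy in AWS's documentation (that policy uses Resource "*" and also grants logs:CreateLogGroup, which is unnecessary when the group is created first as the post does).

```python
"""Create the flow log delivery role, the CloudWatch log group and the VPC
flow log with boto3 instead of the console.

Added example, not code from the original post. VPC id, role name, log
group and region are caller-supplied placeholders; scoping the write
actions to one log group ARN is an assumption that tightens the
Resource "*" policy AWS documents for this role.
"""
import json
import sys

# Trust policy: only the VPC Flow Logs service may assume the delivery role.
TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "vpc-flow-logs.amazonaws.com"},
        "Action": "sts:AssumeRole",
    }],
}

# Actions that write into CloudWatch Logs; these should not be granted on "*".
WRITE_ACTIONS = {"logs:CreateLogStream", "logs:PutLogEvents"}


def delivery_policy(log_group_arn: str) -> dict:
    """Permissions policy for the role: discovery on "*" (DescribeLogGroups
    has no resource-level permissions), writes limited to one log group."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": ["logs:DescribeLogGroups"], "Resource": "*"},
            {
                "Effect": "Allow",
                "Action": ["logs:CreateLogStream", "logs:PutLogEvents",
                           "logs:DescribeLogStreams"],
                "Resource": log_group_arn,
            },
        ],
    }


def write_actions_scoped(policy: dict) -> bool:
    """Check run before attaching: no statement grants a write action on "*"."""
    for st in policy["Statement"]:
        actions = st["Action"] if isinstance(st["Action"], list) else [st["Action"]]
        if WRITE_ACTIONS & set(actions) and st["Resource"] == "*":
            return False
    return True


def log_group_arn(region: str, account: str, log_group: str) -> str:
    # The trailing ":*" covers the streams the service creates inside the group.
    return f"arn:aws:logs:{region}:{account}:log-group:{log_group}:*"


def create_vpc_flow_log(vpc_id, role_name, log_group, region, retention_days=90):
    """Create role, inline policy, log group and flow log; returns flow log ids."""
    import boto3  # imported here so the policy helpers above need no AWS SDK

    iam = boto3.client("iam")
    logs = boto3.client("logs", region_name=region)
    ec2 = boto3.client("ec2", region_name=region)
    account = boto3.client("sts").get_caller_identity()["Account"]

    policy = delivery_policy(log_group_arn(region, account, log_group))
    if not write_actions_scoped(policy):
        raise ValueError("refusing to attach a policy with unscoped write actions")

    role = iam.create_role(RoleName=role_name,
                           AssumeRolePolicyDocument=json.dumps(TRUST_POLICY))
    iam.put_role_policy(RoleName=role_name, PolicyName="flow-logs-to-cloudwatch",
                        PolicyDocument=json.dumps(policy))

    # The console leaves retention at "Never expire"; flow logs grow quickly.
    logs.create_log_group(logGroupName=log_group)
    logs.put_retention_policy(logGroupName=log_group, retentionInDays=retention_days)

    # A freshly created role can take a few seconds to propagate; if this runs
    # right after create_role, an "Unsuccessful" entry is the usual symptom.
    resp = ec2.create_flow_logs(ResourceType="VPC", ResourceIds=[vpc_id],
                                TrafficType="ALL", LogGroupName=log_group,
                                DeliverLogsPermissionArn=role["Role"]["Arn"])
    if resp.get("Unsuccessful"):
        raise RuntimeError(resp["Unsuccessful"])
    return resp["FlowLogIds"]


if __name__ == "__main__":
    # usage: python flowlog_setup.py vpc-0123456789abcdef0 FlowLogsRole /vpc/flow-logs us-east-1
    print(create_vpc_flow_log(*sys.argv[1:5]))
```

The policy helpers are kept separate from the AWS calls so the trust and permissions documents can be reviewed (or diffed against what the console generated) without credentials.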

 


 

Creating Log Streams

A log stream represents the sequence of events coming from the application instance or resource being monitored.

From CloudWatch, click Logs and then click the log group.

Click Create Log Stream. (This step is not strictly required: the flow logs service creates one stream per network interface on its own, named after the interface ID, for example eni-xxxxxxxx-all when capturing all traffic, as soon as it has records to deliver.)

Generate some traffic (for example, refresh a page served by an instance in the VPC).

After a few minutes we'll see our log stream. Records are aggregated over a capture window of roughly 10 minutes before they are published, so do not expect them to appear immediately; flow logs suit investigation and alerting, not real-time blocking.

Click on it and you'll see the captured traffic. Each record is one line of space-separated fields: version, account id, interface id, source and destination address, source and destination port, protocol number, packets, bytes, the start and end of the capture window, the action (ACCEPT or REJECT) and the log status. The action tells you whether the security groups and network ACLs allowed the flow, so REJECT records are the first thing to look at; NODATA and SKIPDATA records carry no traffic fields at all.
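Reading the stream by eye stops scaling after the first ENI, so here is an added example (not code from the original post) that parses the record format described above and runs two basic checks over it: sources rejected on many distinct ports, and accepted byte volume per destination port. SAMPLE_LOG is constructed (fake account id and ENI ids, RFC 5737 addresses) and SCAN_PORT_THRESHOLD is a chosen value, not an AWS setting.

```python
"""Parse VPC Flow Log records and flag REJECT patterns that look like a scan.

Added example, not code from the original post. SAMPLE_LOG is constructed
(fake account id, ENI ids and RFC 5737 addresses) and SCAN_PORT_THRESHOLD
is a chosen value, not an AWS setting.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# Field order of a version 2 flow log record, as CloudWatch shows it.
FIELDS = ("version", "account_id", "interface_id", "srcaddr", "dstaddr",
          "srcport", "dstport", "protocol", "packets", "nbytes",
          "start", "end", "action", "log_status")
INT_FIELDS = ("version", "srcport", "dstport", "protocol", "packets",
              "nbytes", "start", "end")

# Assumption: this many distinct rejected destination ports from one source
# is treated as scan-like.
SCAN_PORT_THRESHOLD = 5


@dataclass
class FlowRecord:
    version: int
    account_id: str
    interface_id: str
    srcaddr: str
    dstaddr: str
    srcport: int
    dstport: int
    protocol: int      # IANA protocol number: 6 = TCP, 17 = UDP, 1 = ICMP
    packets: int
    nbytes: int
    start: int         # capture window start/end, Unix seconds
    end: int
    action: str        # ACCEPT or REJECT
    log_status: str    # OK, NODATA or SKIPDATA


def parse_record(line: str) -> Optional[FlowRecord]:
    """Return a FlowRecord, or None for NODATA/SKIPDATA records, whose
    traffic fields are all '-' and carry nothing to analyse."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}: {line!r}")
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":
        return None
    for key in INT_FIELDS:
        rec[key] = int(rec[key])
    return FlowRecord(**rec)


def parse_records(lines) -> List[FlowRecord]:
    parsed = (parse_record(line) for line in lines if line.strip())
    return [r for r in parsed if r is not None]


def rejected_ports_by_source(records) -> Dict[str, Set[int]]:
    """Distinct destination ports each source address was rejected on."""
    ports: Dict[str, Set[int]] = defaultdict(set)
    for r in records:
        if r.action == "REJECT":
            ports[r.srcaddr].add(r.dstport)
    return ports


def find_port_scanners(records, threshold=SCAN_PORT_THRESHOLD) -> List[str]:
    """Sources rejected on at least `threshold` distinct ports."""
    return sorted(src for src, p in rejected_ports_by_source(records).items()
                  if len(p) >= threshold)


def accepted_bytes(records) -> Dict[Tuple[str, str, int], int]:
    """Bytes of ACCEPTed traffic per (src, dst, dst port), the usual first
    cut when looking for unexpected volume on a port."""
    totals: Dict[Tuple[str, str, int], int] = defaultdict(int)
    for r in records:
        if r.action == "ACCEPT":
            totals[(r.srcaddr, r.dstaddr, r.dstport)] += r.nbytes
    return dict(totals)


# Constructed sample: one source probing five ports and being rejected, one
# legitimate web client, and a NODATA window on a second ENI.
SAMPLE_LOG = """\
2 123456789012 eni-0a1b2c3d 203.0.113.10 10.0.1.25 51234 22 6 1 44 1499680000 1499680060 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.10 10.0.1.25 51235 23 6 1 44 1499680000 1499680060 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.10 10.0.1.25 51236 80 6 1 44 1499680000 1499680060 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.10 10.0.1.25 51237 443 6 1 44 1499680000 1499680060 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.10 10.0.1.25 51238 3389 6 1 44 1499680000 1499680060 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.25 40000 80 6 12 3480 1499680000 1499680060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.25 40001 80 6 8 2100 1499680000 1499680060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.25 40002 22 6 1 44 1499680000 1499680060 REJECT OK
2 123456789012 eni-0e9f8a7b - - - - - - - 1499680000 1499680060 - NODATA
"""


def main():
    records = parse_records(SAMPLE_LOG.splitlines())
    print(f"{len(records)} usable records")
    for src in find_port_scanners(records):
        print("scan-like REJECTs from", src, sorted(rejected_ports_by_source(records)[src]))
    for (src, dst, port), total in sorted(accepted_bytes(records).items()):
        print(f"ACCEPT {src} -> {dst}:{port} {total} bytes")


if __name__ == "__main__":
    main()
```

On the sample the scanner check flags 203.0.113.10 (rejected on 22, 23, 80, 443 and 3389) and leaves 198.51.100.7 alone, since a single rejected SSH attempt next to normal web traffic is not a scan by this rule; the same functions work on lines fetched from the log group with the CloudWatch Logs API.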

 


 
