Enable VPC flow logs
- Navigate to VPC in the AWS console
- Under Resources by Region Select VPCs
- The next step will use the CloudShell, where you'll copy and paste a CLI command to more efficiently and accurately enable working flow log configuration for your VPC.
Flow logs will be enabled with the following settings preconfigured:
- Traffic type: ALL
- Resource ID:
- Log destination type: S3
- Max aggregation interval: 1 minute
- Open Cloudshell
You'll see a command prompt open up on the lower half of the screen
- Copy and paste the command below, replace
<VPC ID>
with the VPC ID you want to enable flow logs for, and replace<bucket name>
with the name of your S3 bucket created in a previous step.
aws ec2 create-flow-logs \
--resource-type VPC \
--resource-ids <VPC ID> \
--traffic-type ALL \
--log-destination-type s3 \
--log-destination arn:aws:s3:::<bucket name> \
--log-format '${version} ${account-id} ${interface-id} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${protocol} ${packets} ${bytes} ${start} ${end} ${action} ${log-status} ${tcp-flags} ${type} ${pkt-dstaddr} ${pkt-srcaddr} ${instance-id} ${vpc-id} ${az-id} ${sublocation-id} ${sublocation-type} ${subnet-id}' \
--max-aggregation-interval 60
If the log format isn't specified exactly as it is in the above command, your integration will fail.
- Once you've pasted in the command, it should look like this:
- Hit the enter key to run the command.
If you see the below, your flow logs have been successfully created.
"Unsuccessful":[]
means you were successful and no errors were indicated.
Updated 3 months ago