IBM Cloud VPC Flow Logs via Cloud Object Storage Setup

Suggest Edits

This document provides instructions for configuring the collection of IBM Cloud VPC Flow Logs with IBM Cloud Object Storage.Note: VPC Flow Logs are only available on VPC Infrastructure Gen 2

Console Steps

Create Cloud Object Storage Service

  1. First create the cloud object storage service. 

  2. Using the search bar type "cloud object storage" to be brought to the configuration page.

  3. Select your desired storage plan, name your server, and select your resource group then click create.

Create Object Storage Bucket

  1. From the Cloud Object Storage page click Buckets to create a storage bucket.

  2. Choose a bucket name and add an expiration rule for as many days as you'd like to keep the raw logs.

Create Service credentials

  1. Click service credentials on the Cloud Object Service page to create credentials Netography will use to access the flow logs. 

  2. Give it a name and use the reader role.

  3. Click the chevron next to the key name as it will have the necessary information for the Netography Portal.

Grant Service Authorizations

  1. From the main menu bar click Manage > Access (IAM)

  2. The VPC Flow Logs need the ability to write to the Cloud Object Storage Bucket.

  3. Click Authorizations in the left navigation.

  4. Use Infrastructure Service for Source service.

  5. This will then reveal the Resource Type drop down, select Flow Logs for VPC.

  6. Then select Cloud Object Storage for Target service.

  7. Select the Cloud Object Storage service we created earlier for the Service instance.

  8. Select Write for the Service access.

Create Flow Logs

  1. In the main search bar type 'flow logs' and click Flow Logs for VPC.

  2. Provide a name for the flow log collector.

  3. Select your resource group.

  4. Attach it to the VPC

  5. Select your VPC, Cloud Object Storage Service, and Bucket.

  6. Click Create flow log

  7. You should now see the flow log collector.

  8. Click on the Object Storage Bucket to see the flow logs in the buck.

Netography Portal Steps

Navigate to Flow Sources, and click "Add Flow Source", then select IBM COS

Configuration

The following fields are specific to the IBM COS configuration.

FieldRequiredDescriptionExamples
RegionyesLocation of the flow sourceus-east
BucketyesThe COS bucket name
PrefixOptional folder prefix

Authentication

The following fields are necessary for the integration to authenticate with IBM.

FieldRequiredDescription
API KeyyesThe API key that is associated for the Service ID
Service Instance IDyesUnique identifier for the instance of Object Storage the credential accesses. This is also referred to as a service credential

Updated 4 months ago