IBM Cloud VPC Flow Logs via Cloud Object Storage Setup

This document provides instructions for configuring the collection of IBM Cloud VPC Flow Logs with IBM Cloud Object Storage.

Note: VPC Flow Logs are only available on VPC Infrastructure Gen 2.

Console Steps

Create Cloud Object Storage Service

  1. First create the cloud object storage service.

  2. Using the search bar, type "cloud object storage" to be brought to the configuration page.

  3. Select your desired storage plan, name your server, and select your resource group, then click Create.

Create Object Storage Bucket

  1. From the Cloud Object Storage page click Buckets to create a storage bucket.

  2. Choose a bucket name and add an expiration rule for as many days as you'd like to keep the raw logs.

Create Service credentials

  1. Click Service credentials on the Cloud Object Storage page to create the credentials Netography will use to access the flow logs.

  2. Give it a name and use the Reader role.

  3. Click the chevron next to the key name to expand it; it contains the information needed for the Netography Portal.

Grant Service Authorizations

  1. From the main menu bar, click Manage > Access (IAM).

  2. The VPC Flow Logs need the ability to write to the Cloud Object Storage Bucket.

  3. Click Authorizations in the left navigation.

  4. Use Infrastructure Service for Source service.

  5. This will then reveal the Resource Type drop down, select Flow Logs for VPC.

  6. Then select Cloud Object Storage for Target service.

  7. Select the Cloud Object Storage service we created earlier for the Service instance.

  8. Select Write for the Service access.

Create Flow Logs

  1. In the main search bar type 'flow logs' and click Flow Logs for VPC.

  2. Provide a name for the flow log collector.

  3. Select your resource group.

  4. Attach it to the VPC.

  5. Select your VPC, Cloud Object Storage Service, and Bucket.

  6. Click Create flow log.

  7. You should now see the flow log collector.

  8. Click on the Object Storage Bucket to see the flow logs in the bucket.

Netography Portal Steps

Navigate to Traffic Sources, click "Add Traffic Source", then select IBM COS.

Configuration

The following fields are specific to the IBM COS configuration.

Field     Required   Description                   Examples
Region    yes        Location of the flow source   us-east
Bucket    yes        The COS bucket name
Prefix               Optional folder prefix

Authentication

The following fields are necessary for the integration to authenticate with IBM.

Field                 Required   Description
API Key               yes        The API key that is associated with the Service ID
Service Instance ID   yes        Unique identifier for the instance of Object Storage the credential accesses. This is also referred to as a service credential
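
Before pasting the key into the portal, it is worth confirming that the credential really is Reader-only and points at a Cloud Object Storage instance. The following is an added example, not Netography or IBM code: it assumes the expanded service credential is the usual IBM JSON with `apikey`, `iam_role_crn` and `resource_instance_id` keys, and that `resource_instance_id` is the value the portal calls Service Instance ID; all sample values are constructed placeholders.

```python
import json

# Constructed sample credential; every value is a placeholder.
SAMPLE_CREDENTIAL = """
{
  "apikey": "EXAMPLE-API-KEY-NOT-REAL",
  "iam_role_crn": "crn:v1:bluemix:public:iam::::serviceRole:Reader",
  "iam_serviceid_crn": "crn:v1:bluemix:public:iam-identity::a/EXAMPLEACCOUNT::serviceid:ServiceId-EXAMPLE",
  "resource_instance_id": "crn:v1:bluemix:public:cloud-object-storage:global:a/EXAMPLEACCOUNT:EXAMPLE-INSTANCE-GUID::"
}
"""

REQUIRED_KEYS = ("apikey", "iam_role_crn", "resource_instance_id")
EXPECTED_ROLE = "Reader"  # the role the setup steps call for


def portal_fields(credential_json, region, bucket, prefix=""):
    """Map a service credential to the portal fields; raise ValueError if unsuitable."""
    cred = json.loads(credential_json)
    missing = [k for k in REQUIRED_KEYS if not cred.get(k)]
    if missing:
        raise ValueError("credential is missing: " + ", ".join(missing))

    # The role name is the last colon-separated segment of the role CRN.
    role = cred["iam_role_crn"].rsplit(":", 1)[-1]
    if role != EXPECTED_ROLE:
        raise ValueError(f"role is {role!r}, expected {EXPECTED_ROLE!r}; recreate the key")

    instance = cred["resource_instance_id"]
    if ":cloud-object-storage:" not in instance:
        raise ValueError("resource_instance_id is not a Cloud Object Storage instance")
    if not region or not bucket:
        raise ValueError("Region and Bucket are required")

    return {
        "Region": region,
        "Bucket": bucket,
        "Prefix": prefix,
        "API Key": cred["apikey"],
        "Service Instance ID": instance,
    }


if __name__ == "__main__":
    fields = portal_fields(SAMPLE_CREDENTIAL, "us-east", "example-flow-log-bucket")
    for name, value in fields.items():
        # Show only that the API key is present, never its value.
        print(f"{name}: {'<set>' if name == 'API Key' else value}")
```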
