{"id":630,"date":"2021-11-11T10:35:16","date_gmt":"2021-11-11T10:35:16","guid":{"rendered":"http:\/\/18.141.20.153\/?p=630"},"modified":"2025-08-20T11:19:51","modified_gmt":"2025-08-20T11:19:51","slug":"network-traffic-flows-using-vpc-flow-logs","status":"publish","type":"post","link":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/","title":{"rendered":"How to log, view and analyze network traffic flows using VPC Flow Logs?"},"content":{"rendered":"<span class=\"rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">Reading Time: <\/span> <span class=\"rt-time\">14<\/span> <span class=\"rt-label rt-postfix\">minutes<\/span><\/span>\n<p><img src=\"https:\/\/lh5.googleusercontent.com\/VkYiEEM-4iIOYdWFI3DA9qqDPeYbEAWRJGYvNcM_Kb7-1oKqS-3QJ2LK_MkSdjjYAuuEbIPDlkoXWHFwpwpCxc_72oa6IovgZsXMaRA22JFPkFVtxmBMhFDbiaihTad9ZK78rKo\" style=\"width: 1600px;\"><\/p>\n\n\n\n<p class=\"has-text-align-justify\">Troubleshooting, connectivity, and security issues are always important tasks and require expertise to do these tasks. We can identify latency with the use of Flow Logs, which will allow us to immediately resolve\/tweak application performance issues without affecting end users.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">Each inbound and outbound traffic will be logged using Flow Logs, allowing us to analyze the data. We can find the gaps in the security and also we can avoid threats and malware entering the network.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">In this blog, we will discuss VPC Flow Log and will do hands-on to demonstrate how to configure Flow Log to analyze the IP traffic that is going to and from network interfaces from VPC.<\/p>\n\n\n\n<h4><strong>In this blog, we will cover:<\/strong><\/h4>\n\n\n\n<ul><li>What is VPC Flow Log?<\/li><li>Uses of VPC Flow Log<\/li><li>Understanding VPC Flow Log<\/li><li>VPC Flow Log Records<\/li><li>Limitations of VPC Flow Log<\/li><li>Hands-on: Publishing Flow Log to Cloudwatch Log group<\/li><li>Hands-on: Publishing Flow Log to S3 bucket<\/li><li>Conclusion<\/li><\/ul>\n\n\n\n<h2>What is a VPC Flow Log?<\/h2>\n\n\n\n<ul><li><a href=\"https:\/\/docs.aws.amazon.com\/vpc\/latest\/userguide\/flow-logs.html\" target=\"_blank\" rel=\"noreferrer noopener\">VPC Flow Logs<\/a> is a feature that records information about IP traffic flowing to and from network interfaces within the VPC.<\/li><li>We can configure Flow Logs to capture that information and send it to either the CloudWatch Log group or the S3 bucket.<\/li><li>Once the logging is sent to one of the destinations, we can then use that data for further analysis.<\/li><\/ul>\n\n\n\n<h2>Uses of Flow Logs<\/h2>\n\n\n\n<ul><li>Monitoring the traffic that is coming to the AWS resources such as <a href=\"https:\/\/www.workfall.com\/learning\/blog\/15-awsome-years-of-amazon-ec2-and-still-going-strong\/\">EC2<\/a> Instances<\/li><li>Determining the direction of the traffic to and from the network interfaces.<\/li><li>Diagnosing overly restrictive security group rules.<\/li><\/ul>\n\n\n\n<p>Collecting the Flow Logs doesn&#8217;t impact the network throughput or latency.<\/p>\n\n\n\n<p>We will be charged for delivering logs to the CloudWatch log group and S3 bucket.<\/p>\n\n\n\n<h2>Understanding Flow Logs<\/h2>\n\n\n\n<ul><li>VPC, Network Interfaces, and Subnets can all have Flow Logs.<\/li><li>All subnets and network interfaces within a VPC will be monitored if the Flow Logs are set for that VPC.<\/li><li>The network interfaces inside that subnet will be monitored if Flow Logs are enabled on the subnet level.<\/li><\/ul>\n\n\n\n<ul><li><strong>&nbsp;<\/strong>Flow Log records are Flow Log records that are gathered from network interfaces, subnets, and VPCs.<\/li><li>When creating and configuring Flow Logs, we&#8217;ll require the following information.<\/li><\/ul>\n\n\n\n<p>Accepted traffic and denied traffic are two types of traffic that must be captured.<\/p>\n\n\n\n<ul><li>The storage destination for Flow Logs data, such as Cloudwatch Log groups or S3 buckets.<\/li><li>The resource type for which the vpc Flow Logs should be created (Subnet, Network interface, VPC).<\/li><\/ul>\n\n\n\n<p>We can tag Flow Logs that are created for each network interface, subnets, or VPC&#8217;s.<\/p>\n\n\n\n<h2>Flow Log records<\/h2>\n\n\n\n<p>By default, The Flow Logs can record the following information.<\/p>\n\n\n\n<ul><li>Accepted and rejected traffic<\/li><li>Traffic through NAT Gateway<\/li><li>Traffic through Transit Gateway<\/li><li>TCP flag sequence<\/li><li>Network access control list rules and security groups<\/li><li>IPv6 Traffic<\/li><li>No data and skipped records<\/li><\/ul>\n\n\n\n<h2>Flow Log limitations<\/h2>\n\n\n\n<p>To use Flow Logs, you need to be aware of the following limitations:<\/p>\n\n\n\n<ul><li>You cannot enable Flow Logs for network interfaces that are in the EC2-Classic platform. This includes EC2-Classic instances that have been ClassicLink-linked to a VPC.<\/li><li>Flow Logs for VPCs that are peering with your VPC can&#8217;t be enabled until the peer VPC is in your account.<\/li><li>You can&#8217;t change the setup or record format of a Flow Log once it&#8217;s been established. For example, you can&#8217;t associate a different IAM role with the Flow Log, or add or remove fields in the Flow Log record. Instead, you can delete the Flow Log and create a new one with the required configuration.<\/li><li>The Flow Log displays the primary private IPv4 address in the dstaddr field if your network interface has multiple IPv4 addresses and traffic is sent to a secondary private IPv4 address. Create a Flow Log using the pkt-dstaddr field to capture the original destination IP address.<\/li><li>The Flow Log displays the primary private IPv4 address in the dstaddr field when traffic is transmitted to a network interface and the destination is not one of the network interface&#8217;s IP addresses. Make a Flow Log using the pkt-dstaddr field to capture the original destination IP address.<\/li><li>&nbsp;The Flow Log displays the primary private IPv4 address in the srcaddr field if traffic is sent from a network interface but the source is not one of the network interface&#8217;s IP addresses. Make a Flow Log using the pkt-srcaddr field to capture the original source IP address.<\/li><li>Regardless of the packet source or destination, the srcaddr and dstaddr fields in the Flow Log always reflect the primary private IPv4 address when traffic is sent to or sent by a network interface. Create a Flow Log containing the pkt-srcaddr and pkt-dstaddr fields to capture the packet source or destination.<\/li><li>Regardless of the selected maximum aggregation interval, when your network interface is joined to a Nitro-based instance, the aggregation interval is always 1 minute or less.<\/li><\/ul>\n\n\n\n<p>Flow Logs do not capture all IP traffic. The following types of traffic are not logged:<\/p>\n\n\n\n<ul><li>When instances contact the Amazon DNS server, traffic is created by them. All traffic to your own DNS server is logged if you use it.<\/li><li>A Windows instance generates traffic for Amazon Windows licence activation.<\/li><li>For example, metadata traffic to and from 169.254.169.254.<\/li><li>The Amazon Time Sync Service traffic to and from 169.254.169.123.<\/li><li>Traffic to the default VPC router&#8217;s reserved IP address.<\/li><li>Traffic between a network interface on an endpoint and a network interface on a Network Load Balancer<\/li><\/ul>\n\n\n\n<p>Data from Flow Logs can be published to two destinations, as previously stated.<\/p>\n\n\n\n<ul><li>Cloudwatch Log group<\/li><li>S3 Bucket<\/li><\/ul>\n\n\n\n<p>Let&#8217;s implement Flow Logs for the CloudWatch Log group and S3 bucket!<\/p>\n\n\n\n<h2>Hands-on<\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/s4Zd70OBFwPf98psaVHCAX-dsXqJRRA6LnSO5Tz9bpGXoEkmD1v3GgefD7PH20KeqrIRdvh4N5Z2JC2U3zF80HHKN_u0cY1gYJ0F7ZVDHgxC23HNyuoegSFmE_uqqnia5KWtDck\" alt=\"VPC Flow Logs \"\/><\/figure>\n\n\n\n<ul><li>Publishing Flow Logs to Cloudwatch Log group<\/li><\/ul>\n\n\n\n<ol><li>Creating IAM Policy<\/li><li>Creating IAM Role<\/li><li>Creating Cloudwatch log group<\/li><li>Creating Flow Log for a network interface<\/li><li>Creating Flow Log for a subnet<\/li><li>Creating Flow Log for a VPC<\/li><\/ol>\n\n\n\n<ul><li>Publishing Flow Logs to the S3 bucket<\/li><\/ul>\n\n\n\n<ol><li>Creating S3 Bucket<\/li><li>Understanding Flow Log files<\/li><li>Creating Flow Log for a Subnet<\/li><li>Creating Flow Log for a VPC<\/li><\/ol>\n\n\n\n<h2>Publishing Flow Logs to Cloudwatch Log group<\/h2>\n\n\n\n<ul><li>The data from all Flow Logs can be uploaded directly to the Cloudwatch Log group.<\/li><li>For each network interface, Cloudwatch log streams will be produced. Flow Log records will be present in the log streams.<\/li><li>We can create multiple Flow Logs and based on the traffic event (Eg: Accepted traffic), We can send them to the CloudWatch log group.<\/li><li>Before we can create Flow Logs, we need to give them access to publish logs to the Cloudwatch Log group.<\/li><\/ul>\n\n\n\n<ol><li><strong>Creating IAM Policy&nbsp;<\/strong><\/li><\/ol>\n\n\n\n<p>Let&#8217;s build an IAM Role for the Flow Logs so that data may be sent to the Cloudwatch Log group.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">CreateLogGroup, DescribeLogGroups, CreateLogStream, DescribeLogStreams, and PutLogEvents are the minimum permissions necessary for Flow Logs.<\/p>\n\n\n\n<p>Login to the IAM Console to create a policy.<\/p>\n\n\n\n<p>Choose Policies from the Navigation pane, then click Create Policy.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">Replace the existing policy with the below contents in the JSON tab, give the policy a name, and click Create policy.<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\n{\n   &quot;Version&quot;: &quot;2012-10-17&quot;,\n   &quot;Statement&quot;: &#91;\n      {\n         &quot;Action&quot;: &#91;\n            &quot;logs:CreateLogGroup&quot;,\n            &quot;logs:CreateLogStream&quot;,\n            &quot;logs:PutLogEvents&quot;,\n            &quot;logs:DescribeLogGroups&quot;,\n            &quot;logs:DescribeLogStreams&quot;\n         ],\n         &quot;Effect&quot;: &quot;Allow&quot;,\n         &quot;Resource&quot;: &quot;*&quot;\n      }\n   ]\n}\n<\/pre><\/div>\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/9bS9O_B1IwJQUTdvZ1dPI2zQJome7edoNLa1ZBVWnn5gDvAsIVcrEkeKMT2rZY-cGTsumEgRJEF35L5l9ik3imQjuHy3xdFHiCUUlnAUifv37GVH3pCOahaLVbtLsOQ05KMo8DY\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh3.googleusercontent.com\/5HKbqFw1AFrugeyBRqlw6jAr1OA0zW1mZdCBQ-ItTar4D8nlVBNjcS-p79U3vkJ7c220WPqM0h-frNZ6KywnLaFyZzeNa7rDsdBkBOotKV2goLW3kZQappyPchKfUu5Dsl6GAcU\" alt=\"\"\/><\/figure>\n\n\n\n<p>Once the policy is created, We need to create an IAM role and attach the policy with it.<\/p>\n\n\n\n<p>The role will be used later while creating Flow Logs.<\/p>\n\n\n\n<ol start=\"2\"><li><strong>Creating IAM Role<\/strong><\/li><\/ol>\n\n\n\n<p>To Create an IAM Role, Choose <strong>Roles<\/strong> and click <strong>Create Role<\/strong><\/p>\n\n\n\n<p>Then Choose <strong>EC2<\/strong> as a Service to create a Role.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh3.googleusercontent.com\/FZquA_CBi5XnTO7Zs5EjvkoxnmA9tHKuKmZemgm_--GfcxgRjbSeV0Zou19wI9zsORtQ_kFgegubwtLccSe-YDfmcgaZWDufnBg2EM_bxRgMOfgSFDuSQ9CkjW-eLXSiLG5GID4\" alt=\"\"\/><\/figure>\n\n\n\n<p>and click <strong>Next: Permissions<\/strong><\/p>\n\n\n\n<p>Look for the name of the policy that we generated. Choose it.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/cOB9F3yQSb0j1rMxzIHxrrOO_LYe0KgW5tAMA4EaTgegwVeqr9TiT-oQT-AQc3L8kxXEGXQAY1aX04KzCAqRlfUGVbHETDZC1UuO6KaOiL-LAXn55WMvKpogmoHDouNwIhOzjtQ\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>Finally, give the role a name and then click Create Role.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/aovHx6wo25SDmCc5pN5u5nu4Q4e1vnLZYFfbRxcIhPPypASn_UYb0l36PUFxt31lAFh7UQHi4v48GvP1moLUxf9e_LYvXhfPNn_CXlC4EijNf5GRoK3j3VTDtSVXVQwSitbk6RM\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>We should also ensure that the role has a trustworthy relationship that permits the Flow Logs service to take it.<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\n{\n   &quot;Version&quot;: &quot;2012-10-17&quot;,\n   &quot;Statement&quot;: &#91;\n      {\n         &quot;Sid&quot;: &quot;&quot;,\n         &quot;Effect&quot;: &quot;Allow&quot;,\n         &quot;Principal&quot;: {\n           &quot;Service&quot;: &quot;vpc-flow-logs.amazonaws.com&quot;\n         },\n         &quot;Action&quot;: &quot;sts:AssumeRole&quot;\n      }\n   ]\n}\n<\/pre><\/div>\n\n\n<p>For that, Choose the Role that we have created, Select <strong>Trust Relationships<\/strong><\/p>\n\n\n\n<p>, and click <strong>Edit trust relationship<\/strong><\/p>\n\n\n\n<p>To do so, select the role that we&#8217;ve created. Click Edit Trust Relationships after selecting Trust Relationships.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh6.googleusercontent.com\/qjn_lqZrfnJapPIw_rVPK9S2pcYfa66NAx4aPj3X__7uha9EAL6A8lnFh2BlabJUYBuCaqulkq6XWZCbddjrk-eEO7WCYeygDwxYeESyNyQfD6r4Jmo_ZfY8NW0puYDRACWTSqI\" alt=\"\"\/><\/figure>\n\n\n\n<p>Substitute vpc-flow-logs.amazonaws.com for ec2.amazonaws.com, and then click Update trust policy.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/GdCltCFqJdoSFCIq7jGABItxlsj-5A-2BL6YucVDJLLbRB3yJ7mJ2OHXxwxekoMV9xjbIHJ3Ns4NXY8ggFyWSthb_oTn0VH-urKI3krnn4UIsFMcIWQ1ZCLlpFvHuUnB0MiMq4o\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p class=\"has-text-align-justify\">Now that we&#8217;ve completed the minimum permissions required for the Flow Logs service to publish Flow Logs data to the Cloudwatch Log group, we can go on to the next step.<\/p>\n\n\n\n<p>Take note of the Role&#8217;s ARN (Role ARN), which will be utilized to create Flow Logs.<\/p>\n\n\n\n<p>We can construct Flow Logs for Network Interfaces, Subnets, and VPCs, as previously stated.<\/p>\n\n\n\n<ol start=\"3\"><li><strong>Creating Cloudwatch Log Group<\/strong><\/li><\/ol>\n\n\n\n<p>We should first create a CloudWatch log group where VPC Flow Logs will be stored.<\/p>\n\n\n\n<p>Ensure that a log group is formed in the same region as the Flow Logs.<\/p>\n\n\n\n<p>To make a Log group, follow these steps. Go to CloudWatch Console and log in.<\/p>\n\n\n\n<p>Choose Log groups in the navigation pane under Logs.<\/p>\n\n\n\n<p>Create a log group by clicking the Create log group button.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/schQG_pZkKaxGx_7ec12b7_hiTIL0DtWFmaQSfLIDwKnfTIgf6MMHBrnDnmlKTIdmNklCsYJ7BC5yQVuz0ZR_NsRxtWczcQ3uJi1TpMAMPaqRtbNzMNxnvWrv42hAmHCCkdaxE0\" alt=\"\"\/><\/figure>\n\n\n\n<p>&nbsp;Give the log group a name and, if necessary, an expiry date, then click Create.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/XbWXRgDmQQDtXHnKu_xesKQI6D0PZvoTHUwBOYTc47vloq9Gi2qwZhL0mcqFDB63ICnY-8djocA1qPKfeL5EbERlVCMgpAbD5zNRXwyjvHp6RGtS2pmYoRI4KPps2uUd7LTTbzs\" alt=\"\"\/><\/figure>\n\n\n\n<ol start=\"4\"><li><strong>Creating a Network Interface Flow Log<\/strong><\/li><\/ol>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh6.googleusercontent.com\/5EhLZtDP_PwZT-nFnlBEhri3-nNf65jx6L3U81uVmDF2KXft1D2jFfwhcm0BAalh-a8fENHOY5gOdqGuKxzBIB14cLYdUqzwUICvGUEVcr2e4xT7Cb7QPFuO4AAjnzROAt8umaA\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p class=\"has-text-align-justify\">Log in to the EC2 Console to create Flow Logs for Network Interfaces. Select Network Interfaces from the navigation pane.<\/p>\n\n\n\n<p>Select the network interface and then click Create Flow Log under Actions.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/dp0lW3ZYfkQofiX9WpOC6710KQmpqP6wN17H6MujYVOLIO0qZSdgl3AYP3x_iYqx-bAp0P8bzltb9O0AG1saALMhjTeE1cP6KRtyquyCj2WGPHLXJwjpsLln2Waf8Q5IWdMClVM\" alt=\"\"\/><\/figure>\n\n\n\n<p>Give the Flow Log a name in the Flow Log configuration.<\/p>\n\n\n\n<p>It will ask for the sort of traffic that needs to be captured when using Filter.<\/p>\n\n\n\n<p>To log both refused and accepted traffic, select All.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">For the <strong>Maximum aggregation interval<\/strong>, Choose the maximum period of time during which a Flow Log is captured and aggregated into one Flow Logs record.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/cZ3rqDQG1ju107vYDWLTTF7afuoYZXUnFyN1-aY15UmD2e52p12f-l_zdJ-I9j1tFjGp6W8wY3FZ91NMrBPrD9fCRwIQGOEC7H6wPhOeFj8r57gFf3WCZZSp03mJBhy4mBMScmU\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>For <strong>Destination<\/strong>, Choose to <strong>Send to CloudWatch logs<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/7XYZYZN21FGqCZH9GEU3zEss0LYvGLtekJRrMno0_IsygZS94CPeJenXJhz0KwtgIfguYFkLSbjuLWm1Ju4OMyuc9qJl0ZYgFG4LY2SIVRuLTcVLQgjs-zcU00sl59kr69wCCX4\" alt=\"\"\/><\/figure>\n\n\n\n<p>For the <strong>Destination log group<\/strong>, Choose the CloudWatch log group which we have already created.<\/p>\n\n\n\n<p>For the <strong>IAM role<\/strong>, choose the role that was already created.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">For the Log record format, We can choose either the default format or we can configure a custom format if required.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/022GmEhQAnjKkjcaGo9HG91SteLPNgCNQX98Vb6gBa1Co-GfGfbDR9Cv0kgMsMD3DsTfCs7zaGqzU0-071BMgGHCBxQaPmbzCyb1PVLbbgxLwnvvTPkEKb59K7EfHCanJlqE6Lk\" alt=\"\"\/><\/figure>\n\n\n\n<p>Add a tag for the Flow Log and click <strong>Create Flow Log<\/strong>.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/nZBlaJ8OLMardzDU_oLvkXObogb0u3XPTZm-SViIfdlSyUdH48zTh5JKMxgs87W1IZgmlP5E3eaxPehYI54aHMeqR3NfHwtB_bgX2YrOMkEuEPghz8EvWAkfDc9NtYXGMNnuFuc\" alt=\"\"\/><\/figure>\n\n\n\n<p>To check if the Flow Log is applied for the network interface, Select the Network interface for which we have created the Flow Log, Choose <strong>Flow Logs<\/strong><\/p>\n\n\n\n<p>You can find the details of Flow Log such as Flow Log name, Flow Log ID, Destination name, etc.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh3.googleusercontent.com\/8oKBN8ddrgvx9zH1iynw9r5rHSKjlhQVv8KV1hMBU5BZ6M3De2eB9IGOJ4tnlhW9yvs7TTBvopZF80JU6bIbXsSPeOtw3pEdQLt7cFchspQQLJWKhbOBT6Aw4ffrJGzdoJWsTig\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>To delete a Flow Log for a network interface, Choose the network interface and then choose Flow Logs.<\/p>\n\n\n\n<p>Under Actions, Click <strong>Delete Flow Logs<\/strong><\/p>\n\n\n\n<p>Type <strong>delete<\/strong> and click <strong>Delete.<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/i2DvgA0IFwhqePCsGB065tzcnvQ06ytvzj5pgvPKjepbxQrpS3ZDv3RBu0dI57f8T0hRJVnz8rIfLI_nDQ-zjJ5Jp2FniSzwIYiHX0R3SRLHedYpSSirioDnVmlRX7Zf5FtXcqU\" alt=\"\"\/><\/figure>\n\n\n\n<ol start=\"5\"><li><strong>Creating Flow Log for Subnets<\/strong>&nbsp;<\/li><\/ol>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh3.googleusercontent.com\/sCFPv8Dmgpjzk8V26qZKNw007NCsAlUv9z1dD-g9a8ZHscHqeEGFwm_T-PA2sUYUjpBkMdA5EX5e_lMfaVZVQFd3lheB1UH1wP3fgSL58_jzOQ62fUAcY75rjfLqcffn9au82hg\" alt=\"\"\/><\/figure>\n\n\n\n<p>Login to <strong>VPC Console<\/strong>, In the navigation pane, choose <strong>Subnets<\/strong>.<\/p>\n\n\n\n<p>From the lists of subnets, Choose the subnet for which you wish to create VPC Flow Log.<\/p>\n\n\n\n<p>&nbsp;Under <strong>Actions<\/strong>, click Create <strong>Create Flow Log<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/G4XVyTdLNiVxbMeTqWWnF9os3V7mmtNdXKG1PJSM2ZTaDk9yNZb0fzx3jsNE-vsJV1MYQxZm0jfG3yq4tFiU8UrNG8nUbaxwziCVGOCf3moPGQ_QpmydS4Yo9doJY8HvQQO8U2s\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>Under the Flow Log setting, Provide a name for the Flow Log.<\/p>\n\n\n\n<p>For <strong>Filter<\/strong>, It will ask for the type of traffic that needs to be recorded.<\/p>\n\n\n\n<p>Choose <strong>All<\/strong> to log rejected and accepted traffics.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">For the <strong>Maximum aggregation interval<\/strong>, Choose the maximum period of time during which a Flow Log is captured and aggregated into one Flow Logs record.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh3.googleusercontent.com\/Ym-WycqriDLFwWkcHQ565fihVJJVy5FItYEvu7b53hLuLFu06HY9mJT-0K3VxXLfwXfACCTFhLN-RfVD-ghZO_rR5OLUhG37Thc-4OTBagLDhgPOBT6HIaBtXL9jViGm20nr_6s\" alt=\"\"\/><\/figure>\n\n\n\n<p>For <strong>Destination<\/strong>, Choose to <strong>Send to CloudWatch logs<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/7XYZYZN21FGqCZH9GEU3zEss0LYvGLtekJRrMno0_IsygZS94CPeJenXJhz0KwtgIfguYFkLSbjuLWm1Ju4OMyuc9qJl0ZYgFG4LY2SIVRuLTcVLQgjs-zcU00sl59kr69wCCX4\" alt=\"\"\/><\/figure>\n\n\n\n<p>For the <strong>Destination log group<\/strong>, Choose the CloudWatch log group which we have already created.<\/p>\n\n\n\n<p>For the <strong>IAM role<\/strong>, choose the role that was already created.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">For the Log record format, We can choose either the default format or we can configure a custom format if required.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/022GmEhQAnjKkjcaGo9HG91SteLPNgCNQX98Vb6gBa1Co-GfGfbDR9Cv0kgMsMD3DsTfCs7zaGqzU0-071BMgGHCBxQaPmbzCyb1PVLbbgxLwnvvTPkEKb59K7EfHCanJlqE6Lk\" alt=\"\"\/><\/figure>\n\n\n\n<p>Add a tag for the Flow Log and click <strong>Create Flow Log<\/strong>.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/2uXby7cboenl23MzAFoTsPb3zbp39RX4UtNbMAoBkeTungaeoF4abBe4zP7t-2evGhmkcRYJz5jFYpWd72TnCGJK5u5Tpm8QH6a6B2ujTMxcLMtzvVdpDY79u5BUPxhuk3foOLQ\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"has-text-align-justify\">To check if the Flow Log is applied for the subnet, Select the subnet for which we have created the Flow Log, Choose <strong>Flow Logs<\/strong><\/p>\n\n\n\n<p>You can find the details of Flow Log such as Flow Log name, Flow Log ID, Destination name, etc.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/yyTuM5Fn7daFnUtk97COvXDQFbKxT95TuD3eICT3qrnr77YfotEpQSwV0pJrFKn7pybTZRf4I14d24ft5vv6q09vlwBR7WWb0ihl_taGReovRmDwZZGtLqzYlufR41GbaKFGFto\" alt=\"\"\/><\/figure>\n\n\n\n<p>To delete a Flow Log for a subnet, Choose the Subnet and then choose Flow Logs.<\/p>\n\n\n\n<p>Under <strong>Actions<\/strong>, Click <strong>Delete Flow Logs<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh3.googleusercontent.com\/rJxp-VUX2eEIV-c3ocf10x-HiJZYceLemiywDSRLYjSVrnRCIzfqoD8iE9c5o4bOYpXcIcNFCpFKGYjCW90Sx1INPa0mWzMjfkwOwBfMAE_W-L3F4EQe9vo3zv0zjpI5GJFgzQU\" alt=\"\"\/><\/figure>\n\n\n\n<p>Type <strong>delete<\/strong> and click <strong>Delete.<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh6.googleusercontent.com\/uwWZwHHxWZR9c6mnC_zOSDBg5uC676hjMjnIYfM8db0GFKGYygJmqyTnthYgA5-9OKgx46C1QMMU0U9PV829GvFmI07K487tzhn9UUQbDA1toK7HkthYNupT7fQJoMX1t51MSMU\" alt=\"\"\/><\/figure>\n\n\n\n<ol start=\"6\"><li><strong>Creating Flow Log for a VPC&nbsp;<\/strong><\/li><\/ol>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/3u5WmNMT6S0f7gEQZItCs_bG4MNL7-05Iuoct1xEbn4JIyjkkaFwM9Eo9_pu9HVxfyJYAiJ4M-d1Vb6ny52vzpwsphEQq7p-8tbqBpAg680A5F4dUHt0jye2NubWJzkTKAlpY8g\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>To create a Flow Log for a VPC, log in to VPC Console<\/p>\n\n\n\n<p>In the navigation pane, Choose <strong>Your VPCs<\/strong><\/p>\n\n\n\n<p>Select the VPC for which you want to create VPC Flow Log,&nbsp;<\/p>\n\n\n\n<p>Under <strong>Actions<\/strong>, Click <strong>Create Flow Log<\/strong><\/p>\n\n\n\n<p>Under the Flow Log setting, Provide a name for the Flow Log.<\/p>\n\n\n\n<p>For <strong>Filter<\/strong>, It will ask for the type of traffic that needs to be recorded.<\/p>\n\n\n\n<p>Choose <strong>All<\/strong> to log rejected and accepted traffic.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">For the <strong>Maximum aggregation interval<\/strong>, Choose the maximum period of time during which a Flow Log is captured and aggregated into one Flow Logs record.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh3.googleusercontent.com\/XE10c2kXviIfaP2qaigVLF5yzEnRXpoAaRsreeeIlVN4objZwRnlgQnjyiSMXEx2CRAKwdAFAWcEnH1kuF0GS84bdW8sxlucD5-Ml-9ir5Mww4Svu_fzOHcx4i_2yjvsmj-aGIA\" alt=\"\"\/><\/figure>\n\n\n\n<p>For <strong>Destination<\/strong>, Choose to <strong>Send to CloudWatch logs<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/7XYZYZN21FGqCZH9GEU3zEss0LYvGLtekJRrMno0_IsygZS94CPeJenXJhz0KwtgIfguYFkLSbjuLWm1Ju4OMyuc9qJl0ZYgFG4LY2SIVRuLTcVLQgjs-zcU00sl59kr69wCCX4\" alt=\"\"\/><\/figure>\n\n\n\n<p>Choose the CloudWatch log group that we&#8217;ve already generated for the Destination log group.<\/p>\n\n\n\n<p>Choose the role that has already been created for the IAM role.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">For the Log record format, we have the option of using the default format or configuring a custom format if necessary.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/022GmEhQAnjKkjcaGo9HG91SteLPNgCNQX98Vb6gBa1Co-GfGfbDR9Cv0kgMsMD3DsTfCs7zaGqzU0-071BMgGHCBxQaPmbzCyb1PVLbbgxLwnvvTPkEKb59K7EfHCanJlqE6Lk\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>Add a tag for the Flow Log and click <strong>Create Flow Log<\/strong>.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/jbF5JQ8SNaRpeSCpx_H_rDl7qAeO21-MJYC6Ogich-oEq27h2Fss3EB-aX0dKCk30bAKV5WYNJdrOTwt2pCMQeL-wQPqvwlzkdqwPZRsniSgXIXQnLG8DejTiJsJvyY_tucH2qs\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>Flow Log is created for the VPC.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/PPbscnxP7MAeJ_O_uAdtdt2T3qGWseUSJp10WPzc-iEFLImtdeh4D2DDnM3YbLwyEnWTCj8heIl9SFSDhQbZ7Oes4cWBHgP8OWZWxRzJ_-ULbZpUBqiXzWlU7Mctx2-AVxj1ujU\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p class=\"has-text-align-justify\">Now We know how to configure Flow Logs for Network interfaces, Subnets, and VPC and publish the Flow Logs to the CloudWatch Log Group.<\/p>\n\n\n\n<h2>Publishing Flow Logs to S3 Bucket<\/h2>\n\n\n\n<ul><li>If you want to transfer data from Flow Logs to an S3 bucket rather than a Cloudwatch log group. It&#8217;s something we can set up.<\/li><li>Data from Flow Logs can be published to an S3 bucket.<\/li><li>We should have an existing S3 bucket for the Flow Logs to send the data to the S3 bucket.<\/li><li>The traffic information collected by Flow Logs will be sent to the S3 bucket and stored as log file objects.<\/li><\/ul>\n\n\n\n<ol><li>Creating S3 Bucket<\/li><\/ol>\n\n\n\n<p>To create an S3 bucket, Login to S3 Console. Click <strong>Create bucket<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/h3Gu6fxuNNyMzyy0CqRDysl3sP6Jev7z3vb-f8Cqwj23iMkgeQZ2H44YmNtgldStspz2OhIqoDPJ80glF_nwwi3HaTN1Tk-_h4UeVvKDSKyPxHMjgkOxDSEMJ0YgwyiTxCSviaI\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"has-text-align-justify\">Provide a name for the bucket and Choose the same AWS region where the bucket should be created, leave the rest of the settings to default, and click <strong>Create bucket<\/strong>.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh3.googleusercontent.com\/J7YE_SRCvskfzOGZHJ2cmv0YoktDhZ8d8iAqjQExt9mS35XKaIZ2VCc1cCJlHKxYwmNicHZNWCfpZkzI3a4yYCYQULf8oeAcKHNLaJv3A-KbxdEfGLT6kYCa2YAG0Z192JCpCbM\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<ol start=\"2\"><li>Understanding Flow Log files<\/li><\/ol>\n\n\n\n<p class=\"has-text-align-justify\">Flow Logs collect Flow Log records, consolidate them to log files, and then publish the log files to the S3 bucket at 5 minutes intervals.<\/p>\n\n\n\n<p>Each log file will have the details about the IP traffic recorded in the last 5 minutes.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">The maximum file size of each log file can be 75 MB. If the log file reaches the file limit, The Flow Logs will create a new log file and start storing log records there.<\/p>\n\n\n\n<p>Then the log files will be stored in the S3 bucket.<\/p>\n\n\n\n<h4><strong>Creating S3 Bucket Policies for Flow Logs<\/strong><\/h4>\n\n\n\n<p>By default, All the S3 buckets and objects we create are private.<\/p>\n\n\n\n<p>The below <strong>S3 Bucket policy<\/strong> grants the Flow Logs permission to publish logs to the S3 bucket.<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\n{\n    &quot;Version&quot;: &quot;2012-10-17&quot;,\n    &quot;Statement&quot;: &#91;\n       {\n          &quot;Sid&quot;: &quot;AWSLogDeliveryWrite&quot;,\n          &quot;Effect&quot;: &quot;Allow&quot;,\n          &quot;Principal&quot;: {&quot;Service&quot;: &quot;delivery.logs.amazonaws.com&quot;},\n          &quot;Action&quot;: &quot;s3:PutObject&quot;,\n          &quot;Resource&quot;:\n&quot;arn:aws:s3:::bucket_name\/optional_folder\/AWSLogs\/account_id\/*&quot;,\n          &quot;Condition&quot;: {&quot;StringEquals&quot;: {&quot;s3:x-amz-acl&quot;: &quot;bucket-owner-full-control&quot;}}\n       },\n       {\n          &quot;Sid&quot;: &quot;AWSLogDeliveryAclCheck&quot;,\n          &quot;Effect&quot;: &quot;Allow&quot;,\n          &quot;Principal&quot;: {&quot;Service&quot;: &quot;delivery.logs.amazonaws.com&quot;},\n          &quot;Action&quot;: &quot;s3:GetBucketAcl&quot;,\n          &quot;Resource&quot;: &quot;arn:aws:s3:::bucket_name&quot;\n       }\n    ]\n}\n<\/pre><\/div>\n\n\n<p class=\"has-text-align-justify\">If the above permission is not attached to the respective S3 bucket, Then the Flow Logs will automatically apply for permissions while creating Flow Logs.<\/p>\n\n\n\n<ol start=\"3\"><li>Creating Flow Log for Subnet<\/li><\/ol>\n\n\n\n<p>Let&#8217;s go ahead and create Flow Logs for the subnets and publish the Flow Logs to the S3 bucket.<\/p>\n\n\n\n<p>From the lists of subnets, Choose the subnet for which you wish to create VPC Flow Log.<\/p>\n\n\n\n<p>&nbsp;Under <strong>Actions<\/strong>, click Create <strong>Create Flow Log<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/G4XVyTdLNiVxbMeTqWWnF9os3V7mmtNdXKG1PJSM2ZTaDk9yNZb0fzx3jsNE-vsJV1MYQxZm0jfG3yq4tFiU8UrNG8nUbaxwziCVGOCf3moPGQ_QpmydS4Yo9doJY8HvQQO8U2s\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>Under the Flow Log setting, Provide a name for the Flow Log.<\/p>\n\n\n\n<p>For <strong>Filter<\/strong>, It will ask for the type of traffic that needs to be recorded.<\/p>\n\n\n\n<p>Choose <strong>All<\/strong> to log rejected and accepted traffics.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">For <strong>Maximum aggregation interval<\/strong>, Choose the maximum period of time during which a Flow Log is captured and aggregated into one Flow Logs record.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh3.googleusercontent.com\/Ym-WycqriDLFwWkcHQ565fihVJJVy5FItYEvu7b53hLuLFu06HY9mJT-0K3VxXLfwXfACCTFhLN-RfVD-ghZO_rR5OLUhG37Thc-4OTBagLDhgPOBT6HIaBtXL9jViGm20nr_6s\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>For <strong>Destination<\/strong>, choose to <strong>Send to Amazon S3 bucket<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh3.googleusercontent.com\/DXSvayLAj8WQYoBBi12rfQQMS7YeKXUn8GbHHace1bnY9YshGrQHetokHZtD-ppqClsAcfSbx3ieXch3Prw8hcFtamWYBEObewtQhCa2wtZZNQw6jqV0Cp1-td_7fiMvWXWDWgM\" alt=\"\"\/><\/figure>\n\n\n\n<p>To find the ARN of the S3 bucket, Go to the S3 console,&nbsp;<\/p>\n\n\n\n<p>Select the S3 bucket that we created for storing Flow Logs and click <strong>Copy ARN<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/rB6YMpAjo1PvR-HlexNoZtuz1T30A3APoOdgfAU8-G12QiIslR9fcR-cshMTXdghjuAdeGDjiAJ7d6M0onX7rXL7seCno8bH2UqApMNmGvcSLasMAswP6jn6_V9r5n36QwSEcIw\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"has-text-align-justify\">Go back to the Flow Log creation page and paste the ARN of the bucket which you have copied.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/ygKjmH-_ImcSZQa0xAqOs3BdQb6jB-LrxBVe58eFo9bZZqz69I1O2vOFtaol0vg_OxX8W96PzaG2GmD58iouI2I787gK8S5KXxw1Mdfk3IDRoUu9VkTIcChIANo-tOBvJNmNT24\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p class=\"has-text-align-justify\">For the Log record format, we can choose either the default format or we can configure a custom format if required.<\/p>\n\n\n\n<p>Click Create Flow Log after adding a tag to the Flow Log.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">To see if the Flow Log is enabled for the subnet, go here. Select the subnet for which the Flow Log was created.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">Select Flow Logs<\/p>\n\n\n\n<p>You can find the details of Flow Log such as Flow Log name, Flow Log ID, Destination name, etc.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/yyTuM5Fn7daFnUtk97COvXDQFbKxT95TuD3eICT3qrnr77YfotEpQSwV0pJrFKn7pybTZRf4I14d24ft5vv6q09vlwBR7WWb0ihl_taGReovRmDwZZGtLqzYlufR41GbaKFGFto\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>Select the Subnet and then Flow Logs to delete a Flow Log for that subnet.<\/p>\n\n\n\n<p>Under <strong>Actions<\/strong>, Click <strong>Delete Flow Logs<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh3.googleusercontent.com\/rJxp-VUX2eEIV-c3ocf10x-HiJZYceLemiywDSRLYjSVrnRCIzfqoD8iE9c5o4bOYpXcIcNFCpFKGYjCW90Sx1INPa0mWzMjfkwOwBfMAE_W-L3F4EQe9vo3zv0zjpI5GJFgzQU\" alt=\"\"\/><\/figure>\n\n\n\n<p>Type <strong>delete<\/strong> and click <strong>Delete.<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh6.googleusercontent.com\/uwWZwHHxWZR9c6mnC_zOSDBg5uC676hjMjnIYfM8db0GFKGYygJmqyTnthYgA5-9OKgx46C1QMMU0U9PV829GvFmI07K487tzhn9UUQbDA1toK7HkthYNupT7fQJoMX1t51MSMU\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<ol start=\"4\"><li>Creating Flow Log for a VPC&nbsp;<\/li><\/ol>\n\n\n\n<p>To build a Flow Log for a VPC and publish it to an S3 bucket, follow these steps.<\/p>\n\n\n\n<p>Using the VPC Console, log in. In the left-hand navigation pane, click Select Your Virtual Private Clouds<\/p>\n\n\n\n<p>Choose the VPC for which you wish to build a VPC Flow Log, and then click Next.<\/p>\n\n\n\n<p>Under <strong>Actions<\/strong>, Click <strong>Create Flow Log<\/strong><\/p>\n\n\n\n<p>Click Create Flow Log under Actions.<\/p>\n\n\n\n<p>Give the Flow Log a name in the Flow Log configuration.<\/p>\n\n\n\n<p>It will ask for the sort of traffic that needs to be captured when using Filter.<\/p>\n\n\n\n<p>To log both refused and accepted traffics, select All.<\/p>\n\n\n\n<p class=\"has-text-align-justify\">Choose the greatest duration of time for a Flow Log to be gathered and aggregated into a single Flow Logs record for Maximum aggregation interval.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh3.googleusercontent.com\/XE10c2kXviIfaP2qaigVLF5yzEnRXpoAaRsreeeIlVN4objZwRnlgQnjyiSMXEx2CRAKwdAFAWcEnH1kuF0GS84bdW8sxlucD5-Ml-9ir5Mww4Svu_fzOHcx4i_2yjvsmj-aGIA\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>For <strong>Destination<\/strong>, Choose <strong>Send to Amazon S3 bucket<\/strong><\/p>\n\n\n\n<p>To find the ARN of the S3 bucket , Go to S3 console,&nbsp;<\/p>\n\n\n\n<p>Select the S3 bucket that we created for storing Flow Logs and click <strong>Copy ARN<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/rB6YMpAjo1PvR-HlexNoZtuz1T30A3APoOdgfAU8-G12QiIslR9fcR-cshMTXdghjuAdeGDjiAJ7d6M0onX7rXL7seCno8bH2UqApMNmGvcSLasMAswP6jn6_V9r5n36QwSEcIw\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>Return to the Flow Log creation page and paste the bucket&#8217;s ARN that you copied previously.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/ygKjmH-_ImcSZQa0xAqOs3BdQb6jB-LrxBVe58eFo9bZZqz69I1O2vOFtaol0vg_OxX8W96PzaG2GmD58iouI2I787gK8S5KXxw1Mdfk3IDRoUu9VkTIcChIANo-tOBvJNmNT24\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"has-text-align-justify\">For the Log record format, we have the option of using the default format or configuring a custom format if necessary.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/022GmEhQAnjKkjcaGo9HG91SteLPNgCNQX98Vb6gBa1Co-GfGfbDR9Cv0kgMsMD3DsTfCs7zaGqzU0-071BMgGHCBxQaPmbzCyb1PVLbbgxLwnvvTPkEKb59K7EfHCanJlqE6Lk\" alt=\"VPC Flow Logs\"\/><\/figure>\n\n\n\n<p>Click Create Flow Log after adding a tag to the Flow Log.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/jbF5JQ8SNaRpeSCpx_H_rDl7qAeO21-MJYC6Ogich-oEq27h2Fss3EB-aX0dKCk30bAKV5WYNJdrOTwt2pCMQeL-wQPqvwlzkdqwPZRsniSgXIXQnLG8DejTiJsJvyY_tucH2qs\" alt=\"\"\/><\/figure>\n\n\n\n<p>Flow Log is created for the VPC. For the VPC, a Flow Log is created.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh4.googleusercontent.com\/PPbscnxP7MAeJ_O_uAdtdt2T3qGWseUSJp10WPzc-iEFLImtdeh4D2DDnM3YbLwyEnWTCj8heIl9SFSDhQbZ7Oes4cWBHgP8OWZWxRzJ_-ULbZpUBqiXzWlU7Mctx2-AVxj1ujU\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"has-text-align-justify\">We now know how to set up Flow Logs for network interfaces, subnets, and VPCs, as well as how to publish them to an S3 bucket.<\/p>\n\n\n\n<h2>Conclusion<\/h2>\n\n\n\n<p class=\"has-text-align-justify\">We have implemented Flow Logs for Network interfaces, Subnets, and VPC to analyze the traffic that is coming in and out of the AWS network. The logs can be analyzed from the CloudWatch log group and\/or S3 bucket which will help us to fix security and performance issues. We will discuss more security in our upcoming blogs. Stay tuned to keep getting all updates about our upcoming new blogs on AWS and relevant technologies.<\/p>\n\n\n\n<p>Meanwhile \u2026<\/p>\n\n\n\n<p><strong>Keep Exploring -&gt; Keep Learning -&gt; Keep Mastering<\/strong><\/p>\n\n\n\n<p class=\"has-text-align-justify\">This blog is part of our effort towards building a knowledgeable and kick-ass tech community. At <a href=\"https:\/\/www.workfall.com\/\">Workfall<\/a>, we strive to provide the best tech and pay opportunities to AWS-certified talents. If you\u2019re looking to work with global clients, build kick-ass products while making big bucks doing so, give it a shot at<a href=\"https:\/\/www.workfall.com\/partner\/\"> workfall.com\/partner<\/a> today.<\/p>\n","protected":false},"excerpt":{"rendered":"<p><span class=\"rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">Reading Time: <\/span> <span class=\"rt-time\">14<\/span> <span class=\"rt-label rt-postfix\">minutes<\/span><\/span> Troubleshooting, connectivity, and security issues are always important tasks and require expertise to do these tasks. We can identify latency with the use of Flow Logs, which will allow us to immediately resolve\/tweak application performance issues without affecting end users. Each inbound and outbound traffic will be logged using Flow Logs, allowing us to analyze [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":631,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":""},"categories":[2],"tags":[3,4,213,211,212,207,210,206,208,209,25,6],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to log, view and analyze network traffic flows using VPC Flow Logs? - The Workfall Blog<\/title>\n<meta name=\"description\" content=\"VPC Flow Logs is a feature that records information about IP traffic flowing to and from network interfaces within the VPC.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to log, view and analyze network traffic flows using VPC Flow Logs? - The Workfall Blog\" \/>\n<meta property=\"og:description\" content=\"VPC Flow Logs is a feature that records information about IP traffic flowing to and from network interfaces within the VPC.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/\" \/>\n<meta property=\"og:site_name\" content=\"The Workfall Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/facebook.com\/workfall\" \/>\n<meta property=\"article:published_time\" content=\"2021-11-11T10:35:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-08-20T11:19:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/VPC.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@workfall\" \/>\n<meta name=\"twitter:site\" content=\"@workfall\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Workfall\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"24 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/18.141.20.153\/learning\/blog\/#organization\",\"name\":\"Workfall - Hire #Kickass Coders On Demand\",\"url\":\"https:\/\/18.141.20.153\/learning\/blog\/\",\"sameAs\":[\"https:\/\/www.instagram.com\/workfall\/\",\"https:\/\/www.linkedin.com\/company\/workfall\/\",\"https:\/\/facebook.com\/workfall\",\"https:\/\/twitter.com\/workfall\"],\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/18.141.20.153\/learning\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i1.wp.com\/18.141.20.153\/learning\/blog\/wp-content\/uploads\/2021\/10\/cropped-WF_logo.png?fit=400%2C400\",\"contentUrl\":\"https:\/\/i1.wp.com\/18.141.20.153\/learning\/blog\/wp-content\/uploads\/2021\/10\/cropped-WF_logo.png?fit=400%2C400\",\"width\":400,\"height\":400,\"caption\":\"Workfall - Hire #Kickass Coders On Demand\"},\"image\":{\"@id\":\"https:\/\/18.141.20.153\/learning\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/18.141.20.153\/learning\/blog\/#website\",\"url\":\"https:\/\/18.141.20.153\/learning\/blog\/\",\"name\":\"The Workfall Blog\",\"description\":\"#Tech #Remote #Jobs\",\"publisher\":{\"@id\":\"https:\/\/18.141.20.153\/learning\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/18.141.20.153\/learning\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#primaryimage\",\"url\":\"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/VPC.png\",\"contentUrl\":\"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/VPC.png\",\"width\":1200,\"height\":628,\"caption\":\"VPC Flow Logs -Workfall\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#webpage\",\"url\":\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/\",\"name\":\"How to log, view and analyze network traffic flows using VPC Flow Logs? - The Workfall Blog\",\"isPartOf\":{\"@id\":\"https:\/\/18.141.20.153\/learning\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#primaryimage\"},\"datePublished\":\"2021-11-11T10:35:16+00:00\",\"dateModified\":\"2025-08-20T11:19:51+00:00\",\"description\":\"VPC Flow Logs is a feature that records information about IP traffic flowing to and from network interfaces within the VPC.\",\"breadcrumb\":{\"@id\":\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/18.141.20.153\/learning\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to log, view and analyze network traffic flows using VPC Flow Logs?\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#webpage\"},\"author\":{\"@id\":\"https:\/\/18.141.20.153\/learning\/blog\/#\/schema\/person\/cab8236044692bc5b27606b13167794a\"},\"headline\":\"How to log, view and analyze network traffic flows using VPC Flow Logs?\",\"datePublished\":\"2021-11-11T10:35:16+00:00\",\"dateModified\":\"2025-08-20T11:19:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#webpage\"},\"wordCount\":3072,\"publisher\":{\"@id\":\"https:\/\/18.141.20.153\/learning\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/VPC.png\",\"keywords\":[\"AWS\",\"Cloud\",\"flowlogs\",\"IP\",\"logs\",\"nat\",\"networksecurity\",\"subnet\",\"tcp\",\"traffic\",\"VPC\",\"workfall\"],\"articleSection\":[\"AWS Cloud Computing\"],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/18.141.20.153\/learning\/blog\/#\/schema\/person\/cab8236044692bc5b27606b13167794a\",\"name\":\"Workfall\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/18.141.20.153\/learning\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2023\/09\/avatar_user_1_1693914404-96x96.png\",\"contentUrl\":\"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2023\/09\/avatar_user_1_1693914404-96x96.png\",\"caption\":\"Workfall\"},\"sameAs\":[\"https:\/\/www.workfall.com\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to log, view and analyze network traffic flows using VPC Flow Logs? - The Workfall Blog","description":"VPC Flow Logs is a feature that records information about IP traffic flowing to and from network interfaces within the VPC.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/","og_locale":"en_US","og_type":"article","og_title":"How to log, view and analyze network traffic flows using VPC Flow Logs? - The Workfall Blog","og_description":"VPC Flow Logs is a feature that records information about IP traffic flowing to and from network interfaces within the VPC.","og_url":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/","og_site_name":"The Workfall Blog","article_publisher":"https:\/\/facebook.com\/workfall","article_published_time":"2021-11-11T10:35:16+00:00","article_modified_time":"2025-08-20T11:19:51+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/VPC.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_creator":"@workfall","twitter_site":"@workfall","twitter_misc":{"Written by":"Workfall","Est. reading time":"24 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/18.141.20.153\/learning\/blog\/#organization","name":"Workfall - Hire #Kickass Coders On Demand","url":"https:\/\/18.141.20.153\/learning\/blog\/","sameAs":["https:\/\/www.instagram.com\/workfall\/","https:\/\/www.linkedin.com\/company\/workfall\/","https:\/\/facebook.com\/workfall","https:\/\/twitter.com\/workfall"],"logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/18.141.20.153\/learning\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/i1.wp.com\/18.141.20.153\/learning\/blog\/wp-content\/uploads\/2021\/10\/cropped-WF_logo.png?fit=400%2C400","contentUrl":"https:\/\/i1.wp.com\/18.141.20.153\/learning\/blog\/wp-content\/uploads\/2021\/10\/cropped-WF_logo.png?fit=400%2C400","width":400,"height":400,"caption":"Workfall - Hire #Kickass Coders On Demand"},"image":{"@id":"https:\/\/18.141.20.153\/learning\/blog\/#\/schema\/logo\/image\/"}},{"@type":"WebSite","@id":"https:\/\/18.141.20.153\/learning\/blog\/#website","url":"https:\/\/18.141.20.153\/learning\/blog\/","name":"The Workfall Blog","description":"#Tech #Remote #Jobs","publisher":{"@id":"https:\/\/18.141.20.153\/learning\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/18.141.20.153\/learning\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#primaryimage","url":"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/VPC.png","contentUrl":"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/VPC.png","width":1200,"height":628,"caption":"VPC Flow Logs -Workfall"},{"@type":"WebPage","@id":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#webpage","url":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/","name":"How to log, view and analyze network traffic flows using VPC Flow Logs? - The Workfall Blog","isPartOf":{"@id":"https:\/\/18.141.20.153\/learning\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#primaryimage"},"datePublished":"2021-11-11T10:35:16+00:00","dateModified":"2025-08-20T11:19:51+00:00","description":"VPC Flow Logs is a feature that records information about IP traffic flowing to and from network interfaces within the VPC.","breadcrumb":{"@id":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/18.141.20.153\/learning\/blog\/"},{"@type":"ListItem","position":2,"name":"How to log, view and analyze network traffic flows using VPC Flow Logs?"}]},{"@type":"Article","@id":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#article","isPartOf":{"@id":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#webpage"},"author":{"@id":"https:\/\/18.141.20.153\/learning\/blog\/#\/schema\/person\/cab8236044692bc5b27606b13167794a"},"headline":"How to log, view and analyze network traffic flows using VPC Flow Logs?","datePublished":"2021-11-11T10:35:16+00:00","dateModified":"2025-08-20T11:19:51+00:00","mainEntityOfPage":{"@id":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#webpage"},"wordCount":3072,"publisher":{"@id":"https:\/\/18.141.20.153\/learning\/blog\/#organization"},"image":{"@id":"https:\/\/learning.workfall.com\/learning\/blog\/network-traffic-flows-using-vpc-flow-logs\/#primaryimage"},"thumbnailUrl":"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/VPC.png","keywords":["AWS","Cloud","flowlogs","IP","logs","nat","networksecurity","subnet","tcp","traffic","VPC","workfall"],"articleSection":["AWS Cloud Computing"],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/18.141.20.153\/learning\/blog\/#\/schema\/person\/cab8236044692bc5b27606b13167794a","name":"Workfall","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/18.141.20.153\/learning\/blog\/#\/schema\/person\/image\/","url":"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2023\/09\/avatar_user_1_1693914404-96x96.png","contentUrl":"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2023\/09\/avatar_user_1_1693914404-96x96.png","caption":"Workfall"},"sameAs":["https:\/\/www.workfall.com"]}]}},"jetpack_featured_media_url":"https:\/\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/VPC.png","jetpack-related-posts":[{"id":394,"url":"https:\/\/learning.workfall.com\/learning\/blog\/how-to-enable-secure-access-to-the-aws-resources-using-aws-client-vpn\/","url_meta":{"origin":630,"position":0},"title":"How to enable secure access to the AWS resources using AWS Client VPN?","date":"November 3, 2021","format":false,"excerpt":"If you\u2019re looking for a solution that enables secure access to the AWS resources and also the servers hosted in the On-premise network you\u2019re reading the right blog! With the help of the Client VPN endpoint, you can allow users from any geographical location to access the resources in AWS\u2026","rel":"","context":"In &quot;AWS Cloud Computing&quot;","img":{"alt_text":"Enable secure access to the AWS resources using AWS Client VPN","src":"https:\/\/i0.wp.com\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/AWSClientVPN.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":464,"url":"https:\/\/learning.workfall.com\/learning\/blog\/how-to-establish-and-maintain-a-scalable-network-using-amazon-managed-blockchain-part-2\/","url_meta":{"origin":630,"position":1},"title":"How to establish and maintain a scalable network using Amazon Managed Blockchain (Part 2)?","date":"November 9, 2021","format":false,"excerpt":"In our previous blog on how to establish and maintain a scalable network using Amazon Managed Blockchain (Part 1), we discussed Blockchain and Amazon Managed Blockchain. We have also discussed its components, benefits, features, pricing, customers, and how it works. In this blog, we will discuss how to use AWS\u2026","rel":"","context":"In &quot;AWS Cloud Computing&quot;","img":{"alt_text":"Amazon Managed Blockchain","src":"https:\/\/i2.wp.com\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/blockchain2.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":198,"url":"https:\/\/learning.workfall.com\/learning\/blog\/how-to-set-up-a-document-database-with-amazon-documentdb-with-mongodb-compatibility-and-aws-cloud9-in-a-private-vpc\/","url_meta":{"origin":630,"position":2},"title":"How to set up a Document Database with Amazon DocumentDB (with MongoDB compatibility) and AWS Cloud9 in a private VPC?","date":"October 27, 2021","format":false,"excerpt":"Are you utterly exhausted from thinking about your storage of data? You can get a fast, scalable, highly available, and fully managed document database service that supports MongoDB workloads and makes it easy to store, query, and index JSON data with Amazon DocumentDB (with MongoDB compatibility). In this blog, we\u2026","rel":"","context":"In &quot;AWS Cloud Computing&quot;","img":{"alt_text":"Set up a Document Database with Amazon DocumentDB (with MongoDB compatibility) and AWS Cloud9 in a private VPC","src":"https:\/\/i0.wp.com\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/10\/DocumentDB-1200-x-628-px.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":611,"url":"https:\/\/learning.workfall.com\/learning\/blog\/trigger-lambda-function-using-amazon-cloudwatch-events-and-configure-cloudwatch-alarm-to-get-email-notifications-using-amazon-sns-part-1\/","url_meta":{"origin":630,"position":3},"title":"How to trigger Lambda function using Amazon CloudWatch events and configure CloudWatch alarm to get email notifications using Amazon SNS (Part 1)?","date":"November 11, 2021","format":false,"excerpt":"Whether you're considering a cloud migration or have already made the switch to AWS, you'll want to know how to manage your digital environment. With Amazon CloudWatch, AWS makes monitoring simple. CloudWatch is the cornerstone of your AWS infrastructure management. It has a robust framework for capturing and storing metrics\u2026","rel":"","context":"In &quot;AWS Cloud Computing&quot;","img":{"alt_text":"Amazon CloudWatch - Workfall","src":"https:\/\/i2.wp.com\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/cloudwatch1.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":593,"url":"https:\/\/learning.workfall.com\/learning\/blog\/authenticate-windows-ec2-instance-aws-managed-microsoft-active-directory\/","url_meta":{"origin":630,"position":4},"title":"How to authenticate Windows EC2 Instance using AWS Managed Microsoft Active Directory?","date":"November 11, 2021","format":false,"excerpt":"Currently, 95% of enterprises use Active Directory for authentication. Adopting cloud technology successfully necessitates taking into account on-premises IT infrastructure and applications. Active Directory architecture that is both reliable and secure is a vital IT infrastructure basis for businesses that run Windows applications. The directory service can be hosted in\u2026","rel":"","context":"In &quot;AWS Cloud Computing&quot;","img":{"alt_text":"Authenticate Windows EC2 - AWS","src":"https:\/\/i0.wp.com\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/Directory-service.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":640,"url":"https:\/\/learning.workfall.com\/learning\/blog\/aws-account-activities-using-aws-cloudtrailpart-1\/","url_meta":{"origin":630,"position":5},"title":"How to track AWS account activities using AWS CloudTrail (Part 1)?","date":"November 11, 2021","format":false,"excerpt":"Someone logged into your AWS Console and forced the shutdown of an EC2 instance, and you need to discover who did it as it was a critical instance for production, but you have no records. Here AWS CloudTrail comes to your rescue! In your AWS infrastructure, you can use AWS\u2026","rel":"","context":"In &quot;AWS Cloud Computing&quot;","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/learning.workfall.com\/learning\/blog\/wp-content\/uploads\/2021\/11\/Cover-Images_Part2-1.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/learning.workfall.com\/learning\/blog\/wp-json\/wp\/v2\/posts\/630"}],"collection":[{"href":"https:\/\/learning.workfall.com\/learning\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/learning.workfall.com\/learning\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/learning.workfall.com\/learning\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/learning.workfall.com\/learning\/blog\/wp-json\/wp\/v2\/comments?post=630"}],"version-history":[{"count":5,"href":"https:\/\/learning.workfall.com\/learning\/blog\/wp-json\/wp\/v2\/posts\/630\/revisions"}],"predecessor-version":[{"id":1812,"href":"https:\/\/learning.workfall.com\/learning\/blog\/wp-json\/wp\/v2\/posts\/630\/revisions\/1812"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/learning.workfall.com\/learning\/blog\/wp-json\/wp\/v2\/media\/631"}],"wp:attachment":[{"href":"https:\/\/learning.workfall.com\/learning\/blog\/wp-json\/wp\/v2\/media?parent=630"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/learning.workfall.com\/learning\/blog\/wp-json\/wp\/v2\/categories?post=630"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/learning.workfall.com\/learning\/blog\/wp-json\/wp\/v2\/tags?post=630"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}