You cannot secure or optimise what you cannot see. VPC Flow Logs capture metadata about the IP traffic flowing through your network interfaces, subnets, and VPCs. Combined with other AWS monitoring tools, they give you the visibility needed to troubleshoot connectivity issues, detect threats, and meet compliance requirements.
VPC Flow Logs capture information about the IP traffic going to and from network interfaces in your VPC. Each flow log record describes a network flow — a 5-tuple of source IP, destination IP, source port, destination port, and protocol — over a defined aggregation interval.
| Level | What It Captures |
|---|---|
| VPC | All traffic in the VPC (all subnets, all ENIs) |
| Subnet | All traffic in a specific subnet |
| Network Interface (ENI) | Traffic on a single ENI |
You can run flow logs at multiple levels simultaneously. Subnet-level or VPC-level logging is most common for broad visibility.
A flow log record contains fields separated by spaces. The default format (Version 2) includes:
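As an added example that is not part of this lesson, the following parser reads space-separated version 2 records (the default format's 14 fields, in their documented order) over constructed sample lines, skips NODATA records whose traffic fields are "-", and tallies rejected flows by destination port, the kind of first pass a defender makes when looking for blocked scanning or brute-force attempts.

```python
# Added example (not from the lesson): parse default version 2 VPC Flow Log
# records and summarise REJECT flows per destination port.
from collections import Counter

# Field order of the default (version 2) flow log format.
V2_FIELDS = [
    "version", "account-id", "interface-id", "srcaddr", "dstaddr",
    "srcport", "dstport", "protocol", "packets", "bytes",
    "start", "end", "action", "log-status",
]

# Constructed sample records (not real traffic). The last line is a NODATA
# record: its traffic fields are "-" and must not be parsed as numbers.
SAMPLE_LOG = """\
2 123456789012 eni-0a1b2c3d 203.0.113.10 10.0.1.25 51234 22 6 4 240 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d 10.0.1.25 10.0.2.40 44321 443 6 20 4800 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.25 40001 3389 6 1 40 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.10 10.0.1.25 51235 22 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1700000000 1700000060 - NODATA
"""


def parse_record(line):
    """Return a dict for one space-separated v2 record, or None if malformed."""
    parts = line.split()
    if len(parts) != len(V2_FIELDS):
        return None
    rec = dict(zip(V2_FIELDS, parts))
    if rec["log-status"] != "OK":
        # NODATA / SKIPDATA: no flow data for this interval, keep metadata only.
        return rec
    for key in ("srcport", "dstport", "protocol", "packets", "bytes", "start", "end"):
        rec[key] = int(rec[key])
    return rec


def rejected_by_dst_port(text):
    """Count REJECT flows per destination port across all records with data."""
    counts = Counter()
    for line in text.splitlines():
        rec = parse_record(line)
        if rec and rec["log-status"] == "OK" and rec["action"] == "REJECT":
            counts[rec["dstport"]] += 1
    return counts


if __name__ == "__main__":
    for port, n in rejected_by_dst_port(SAMPLE_LOG).most_common():
        print(f"dst port {port}: {n} rejected flow(s)")
```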