By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Does AWS VPC Flow Logs only display private IP addresses for srcaddr and dstaddr, or can it also include public IP addresses?

0

What I'm trying to do is to use vpc flow log's srcaddr and dstaddr (or pkt-src-addr and pkt-dst-addr?), and traffic-path to analyze incoming and outgoing traffic based on a specific elastic ip address.

The private/public ip address of the elastic ip address will be obtained through the AWS SDK, and I planned to compare the srcaddr and dstaddr of the vpc flow log with the IP obtained through the AWS SDK to check whether the traffic is EIP traffic.

But I wasn't sure whether srcaddr and dstaddr displayed in vpc flow log only show private address.

Does AWS VPC Flow Logs capture and display public IP addresses in addition to private IP addresses for srcaddr and dstaddr fields?

Topics
Networking & Content Delivery
Tags
Amazon VPCVPC Flow Logs
Language
English
rePost-User-5004268
asked a year ago853 views
2 Answers
1
Accepted Answer

Yes, VPC flow logs will show public IPs being either accepted or rejected based on the flow log settings:

Enter image description here

profile picture
Simon Hanmer
answered a year ago
profile pictureAWS
EXPERT
Tushar_J
reviewed a year ago
1

Also take a look at this blog: https://aws.amazon.com/blogs/aws/learn-from-your-vpc-flow-logs-with-additional-meta-data/

As you can see from the examples in it, public IPs are shown in the flow logs as well.

profile pictureAWS
EXPERT
Tushar_J
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content