By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Explanation for NODATA in VPC Flow Logs if there is no data

1

The VPC Flow Logs log status has "NODATA: There was no network traffic to or from the network interface during the aggregation interval. ". But my customer is asking:

  1. Does that really mean there was no data, or just no data captured, for example too small, or between two interfaces it does not capture?

  2. If there is really no data, then what is the purpose of sending this status which fills up the logs? Should it be treated as a heartbeat?

Topics
Networking & Content Delivery
Tags
Amazon VPCNetworking & Content Delivery
Language
English
AWS
cloudy2024
asked 4 years ago6031 views
1 Answer
1
Accepted Answer

NODATA means no data has been received on that ENI. In case of data missed or skipped in the capture a SKIPPED DATA message is published.

The NODATA message allows you to know if an ENI is actively attached to an instance and receiving/not receiving traffic or is just available in a pool of ENI or was an old ENI whose flowlog data is still available but the ENI has been deleted.

You can see the info about the type of records here: https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-records-examples.html

AWS
EXPERT
agardezi
answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content