Explore how you can quickly prepare for, respond to, and recover from security events. Learn more.
All Content tagged with VPC Flow Logs
VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC.
Content language: English
Select up to 5 tags to filter
Sort by most recent
58 results
Hi Everyone. Does anyone know if it is possible to identify the network traffic from an offending specific POD using VPC Flow log. I have activated all VPC flow log fields such as **pkt-srcaddr** ment...
**Project Plan Overview**
We have a plan to extract data from around 60 different data sources and store it in an S3 bucket. So far, we’ve implemented the solution for 2 data sources.
**Initial Imple...
I am setting up an Amazon GuardDuty and I am interested in the VPC Traffic Flow Logs collected and sent to GuardDuty. Can I customize this Traffic? For example, in my Account there are 5 VPCs and I on...
Hello All,
Vpn tunnels are established and SG and ACLS are opened but traffic from our vm towards internet is not going through , i see traffic on my on prem firewall and response as well but return ...
Hello! I've been working steadily on attempting to apply security features that further enhance the security of my infrastructure created using Terraform and AWS CloudFormation! In spite of my progres...
I manage multiple AWS accounts and need to enable access logging for S3 buckets, VPCs, and Load Balancers. How can I configure these logs for each account and centralize them in a single "Log" account...
Hello everyone,
How can I see details about data transfer between VPC (if possible, my EC2 instances) and the s3 endpoint? For example, with the VPC flow log, I can see the IP addresses and the numbe...
Hi there,
I run different services on the same EC2. Let's call them service A and service B. When a service talks to another service, private IP is used (ports might be different).
So in the VPC flow...
Greetings guys,
I have created IPsec site to site tunnel between my VPC and on-premise, first tunnel is UP the second is DOWN.I have two IP blocks on-premise I can reach/ping one block from EC2 instan...
Hello Experts,
I have a few Network Load Balancers in my environment which do not have any security groups attached.
Additionally, the NACLs for the subnet allow all inbound and outbound traffic. Du...
hi,
i am looking to get an alert if vpc flow log has srcaddr range between 8.29.0.0 to 8.29.255.255
can anyone please help me how can I get pattern for it
Hi All,
we have an use case like, we have allowed one cidr (10.0.0.0/8) in our NACL of NLB Subnet. so we are sending our VPC flow logs for NLB subnet ENI to cloudwatch and from there ,using subscript...