Explanation for NODATA in VPC Flow Logs if there is no data
The VPC Flow Logs log status has "NODATA: There was no network traffic to or from the network interface during the aggregation interval. ". But my customer is asking:
-
Does that really mean there was no data, or just no data captured, for example too small, or between two interfaces it does not capture?
-
If there is really no data, then what is the purpose of sending this status which fills up the logs? Should it be treated as a heartbeat?
- 最新
- 投票最多
- 评论最多
NODATA means no data has been received on that ENI. In case of data missed or skipped in the capture a SKIPPED DATA message is published.
The NODATA message allows you to know if an ENI is actively attached to an instance and receiving/not receiving traffic or is just available in a pool of ENI or was an old ENI whose flowlog data is still available but the ENI has been deleted.
You can see the info about the type of records here: https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-records-examples.html
相关内容
AWS 官方已更新 2 年前- AWS 官方已更新 2 年前
