VPC flow logs tab

The VPC flow logs tab allows you to configure a collector for Amazon AWS flow logs. You can create a collector to fetch flow logs saved in your S3 bucket or a flow log that uses AWS CloudWatch.

Note:

Before you can configure VPC flow log collectors you must first configure your AWS credentials.

For AWS requirements and configuration details, see the Ingesting AWS VPC flow logs guide.

Configure an S3 collector

Click the plus button to create a new entry.

The S3 collector list contains the following:

Profile name

The unique ID created on the AWS credentials tab. This name provides the credentials the collector needs to access the S3 bucket.

For a collector running in an AWS instance, you can use either a Access and Secret Key or an IAM Role. Otherwise you must use a Access and Secret Key.

Label

A unique name that is used to identify the S3 collector.

Location

The name of the S3 bucket.

Regions

AWS allows you to configure multiple VPC flow logs, from multiple regions, all using the same S3 bucket. This optional parameter is used to filter flow logs by the specified regions.

Refer to Flow Log Files for the structure of the flow log folders.

Accounts

Similar to the previous, this optional parameter is used to filter flow logs by the account ID of the bucket folder.

Actions

To delete an S3 collector, click the delete icon.

Click Save when you are done.

Configure a CloudWatch collector

Click the plus button to create a new entry.

The CloudWatch collector list contains the following:

Profile name

The unique ID created in the AWS credentials tab. This provides the credentials the collector needs to access CloudWatch.

For a collector running in an AWS instance, you can use either a Access and Secret Key or an IAM Role. Otherwise you must use a Access and Secret Key.

Label

A unique name that is used to identify the collector.

Region

The region the flow log was created in.

Log group

The CloudWatch group name.

Actions

To delete a CloudWatch collector, click the delete icon.

Click Save when you are done.