AWS VPC Flow Logs Introduction

  • Flow logs help us monitor the traffic flowing into our network interfaces.

There are 3 types of Flow logs:

  1. VPC Flow logs

  2. ENI Flow logs

  3. Subnet Flow logs

  • VPC flow logs help us monitor and troubleshoot connectivity issues.

There are 3 ways to integrate VPC flow logs into our AWS architecture:

  1. CloudWatch Contributor Insights

[Figure: CloudWatch Contributor Insights solution architecture]

CloudWatch Contributor Insights example for my website:

[Figure: Contributor Insights demo]

Contributor Insights data in tabular form:

[Figure: Contributor Insights data in tabular form]

  2. CloudWatch Alarms

  • We can use the flow logs to generate a metric alarm in CloudWatch and then send it to Amazon Simple Notification Service (SNS).

[Figure: Flow logs to Amazon SNS via CloudWatch Alarm filter]

  3. Flow Logs via S3

  • We can also store the flow logs in an S3 bucket, then use Amazon Athena to query the data and eventually display it via Amazon QuickSight.

[Figure: Flow logs to Athena for querying data]
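
All three approaches consume the same flow log records. As an added example (not part of the original post), the Python below parses records in the default version 2 field order and ranks source addresses by rejected flows, the kind of top-contributor view a Contributor Insights rule or an Athena query gives. The function names are hypothetical, and the sample records, account ID and ENI ID are constructed.

```python
from collections import Counter

# Field order of the default (version 2) VPC flow log record.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed sample records (documentation IP ranges, made-up account and ENI IDs).
SAMPLE = """\
2 123456789012 eni-0a1b2c3d 203.0.113.10 10.0.1.5 44321 22 6 12 720 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.10 10.0.1.5 44322 3389 6 8 480 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.5 51000 443 6 40 52000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 198.51.100.9 10.0.1.5 51001 22 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1700000060 1700000120 - NODATA
"""

def parse(line):
    """Return a dict for one record, or None if malformed or carrying no traffic data."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    # NODATA / SKIPDATA records (and any header line) have no usable traffic fields.
    if rec["log_status"] != "OK":
        return None
    try:
        for key in ("srcport", "dstport", "protocol", "packets", "bytes", "start", "end"):
            rec[key] = int(rec[key])
    except ValueError:
        return None
    return rec

def top_rejected_sources(text, n=3):
    """Rank source addresses by number of REJECT records, with rejected packet totals."""
    hits, packets = Counter(), Counter()
    for line in text.splitlines():
        rec = parse(line)
        if rec and rec["action"] == "REJECT":
            hits[rec["srcaddr"]] += 1
            packets[rec["srcaddr"]] += rec["packets"]
    return [(src, count, packets[src]) for src, count in hits.most_common(n)]

if __name__ == "__main__":
    for src, count, pkts in top_rejected_sources(SAMPLE):
        print(f"{src}\trejected_flows={count}\tpackets={pkts}")
```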

Credits: Diagrams made with https://app.diagrams.net

Written by KshitizVikramSingh