Setup VPC Flow Logs
VPC Flow Logs is an AWS feature that lets you monitor the inbound and outbound traffic of the network interfaces in your VPC. We recommend setting up VPC Flow Logs for the VPC in which Datacoral is installed so you can monitor the network traffic and retain it for auditing purposes.
Locate the VPC in which Datacoral is installed
Use the following command to list all VPCs in your AWS account and locate the VpcId for the VPC in which Datacoral was installed:
If Datacoral also created the VPC, you can also run the following command:
The result will look like the following -- copy and save the VpcId:
Create VPC Flow Logs
Once you have the VpcId, create an S3 bucket (or re-use an existing S3 bucket) for saving the VPC Flow Logs. Ideally, this S3 bucket is configured to not allow any deletes and is in a separate AWS account. Now, run the following command:
That's it! The logs will now begin to be saved in your S3 bucket. For additional options, such as the format of the logs or sending the logs to CloudWatch, see the create-flow-logs documentation.
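The two steps above as a script, added here as an example and not taken from the original Datacoral documentation. It assumes the AWS CLI is installed with credentials for the account; the function names are hypothetical, and the VPC ID and bucket name in the usage line are constructed placeholders.

```shell
#!/usr/bin/env bash
# Added example: enable VPC Flow Logs to S3 for one VPC, idempotently.
# The VPC ID and bucket name in the usage line are constructed placeholders.

# Accept only well-formed VPC IDs (vpc- plus 8 or 17 hex characters).
valid_vpc_id() {
  printf '%s' "$1" | grep -Eq '^vpc-([0-9a-f]{8}|[0-9a-f]{17})$'
}

# S3 destinations are passed to create-flow-logs as a bucket ARN.
s3_arn() {
  printf 'arn:aws:s3:::%s' "$1"
}

# Show every VPC with its CIDR and Name tag so the right VpcId can be picked.
list_vpcs() {
  aws ec2 describe-vpcs \
    --query 'Vpcs[].[VpcId,CidrBlock,Tags[?Key==`Name`]|[0].Value]' \
    --output table
}

# Print any flow logs already attached to the VPC (empty output means none).
existing_flow_logs() {
  aws ec2 describe-flow-logs \
    --filter "Name=resource-id,Values=$1" \
    --query 'FlowLogs[].[FlowLogId,LogDestination,FlowLogStatus]' \
    --output text
}

# Create a flow log capturing accepted and rejected traffic, unless one exists.
enable_flow_logs() {
  local vpc_id=$1 bucket=$2 current
  valid_vpc_id "$vpc_id" || { echo "invalid VPC id: $vpc_id" >&2; return 2; }
  current=$(existing_flow_logs "$vpc_id") || return 1
  if [ -n "$current" ]; then
    echo "flow logs already configured for $vpc_id:"
    echo "$current"
    return 0
  fi
  aws ec2 create-flow-logs \
    --resource-type VPC \
    --resource-ids "$vpc_id" \
    --traffic-type ALL \
    --log-destination-type s3 \
    --log-destination "$(s3_arn "$bucket")"
}

# Usage: list_vpcs; enable_flow_logs vpc-0123456789abcdef0 example-flow-logs-bucket
```

Checking for an existing flow log first keeps repeated runs from creating duplicate flow logs that write the same traffic to the bucket.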