AWS Log Monitoring: Flow Logs vs CloudTrail vs CloudWatch

Get into the habit of writing together! This is the 16th day of my participation in the "Nuggets Daily New Plan · April Update Challenge".

For background, see the previous article, "AWS Log Monitoring: CloudTrail vs CloudWatch".

VPC Flow Logs

Keywords: network, VPC, Subnet, interface, monitoring

VPC Flow Logs is a feature of Amazon Web Services (AWS) that lets you capture information about the IP traffic going to and from network interfaces within a Virtual Private Cloud (VPC).

The captured log data can be published to Amazon S3 or to CloudWatch Logs. Once Flow Logs are set up, you can retrieve and inspect the records. Flow Logs come in handy for a variety of tasks, including:

  • Diagnosing overly restrictive security group rules
  • Monitoring the traffic reaching your instances
  • Determining the direction of traffic to and from a network interface

Flow log data is captured outside the path of your network traffic, so enabling it does not affect network performance or latency under any circumstances.

Logging IP traffic using VPC Flow Logs - Amazon Virtual Private Cloud

Learn From Your VPC Flow Logs With Additional Meta-Data | AWS News Blog

What are the benefits?

With flow logs we can detect network latency, establish performance baselines, and make responsive adjustments to the application. The records expose latency, traffic duration, and bytes transferred, so performance gaps can be pinpointed quickly and accurately. Finally, flow logs allow logging and analysis of IP traffic to and from network interfaces in the VPC.

So how does it work?

Typically we create Flow Logs for an entire VPC, which by default covers the VPC, its subnets and its network interfaces. Flow log data is recorded as flow log records. When creating Flow Logs, you need to specify the resource whose traffic you want logged, the type of traffic you want to capture, and where the data should eventually be published.
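The two passages above (what a record exposes, and how records are produced) are easier to see with a concrete record parser. The following is an added example, not code from the original post; the sample lines are constructed, and the field order follows the documented default flow-log format (version, account-id, interface-id, srcaddr, dstaddr, srcport, dstport, protocol, packets, bytes, start, end, action, log-status). It surfaces rejected flows per source and port, which is how an overly strict security group or a blocked probe shows up, and sums accepted bytes per interface as a simple traffic baseline.

```python
# Added example (not from the original post): parse AWS VPC Flow Log records in the
# default v2 format and summarise them. Sample lines below are constructed; field
# order follows the documented default format.
from collections import defaultdict

FIELDS = ("version", "account_id", "interface_id", "srcaddr", "dstaddr", "srcport",
          "dstport", "protocol", "packets", "bytes", "start", "end", "action", "log_status")

# Constructed sample records: two accepted HTTPS flows, two rejected SSH attempts, one NODATA.
SAMPLE_LOG = """\
2 123456789012 eni-0a1b2c3d 10.0.1.25 10.0.2.40 49152 443 6 20 4000 1650000000 1650000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 203.0.113.7 10.0.1.25 51000 22 6 3 180 1650000010 1650000040 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.7 10.0.1.25 51001 22 6 3 180 1650000020 1650000050 REJECT OK
2 123456789012 eni-0a1b2c3d 10.0.1.25 10.0.2.40 49153 443 6 10 2000 1650000030 1650000090 ACCEPT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1650000000 1650000060 - NODATA
"""

def parse_record(line):
    """Turn one whitespace-separated record into a dict; counters and timestamps become ints."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}: {line!r}")
    rec = dict(zip(FIELDS, parts))
    for key in ("packets", "bytes", "start", "end"):
        rec[key] = int(rec[key]) if rec[key] != "-" else 0  # '-' appears on NODATA records
    rec["duration_s"] = rec["end"] - rec["start"]  # aggregation window of the flow, in seconds
    return rec

def parse_log(text):
    """Parse every non-empty line and keep only records that actually carry traffic (log-status OK)."""
    records = [parse_record(l) for l in text.splitlines() if l.strip()]
    return [r for r in records if r["log_status"] == "OK"]

def rejects_by_source(records):
    """Count REJECT records per (srcaddr, dstport); repeated rejects to one port stand out here."""
    counts = defaultdict(int)
    for r in records:
        if r["action"] == "REJECT":
            counts[(r["srcaddr"], r["dstport"])] += 1
    return dict(counts)

def bytes_per_interface(records):
    """Sum accepted bytes per ENI, a simple volume baseline per network interface."""
    totals = defaultdict(int)
    for r in records:
        if r["action"] == "ACCEPT":
            totals[r["interface_id"]] += r["bytes"]
    return dict(totals)
```

The same functions work unchanged on records exported from CloudWatch Logs or S3 as long as the default field order is kept; a custom log format would need a matching FIELDS tuple.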

Summary

CloudWatch monitors your applications and AWS resources, reporting on their health and performance, while CloudTrail monitors account activity within the AWS environment. In short, CloudWatch monitors performance and CloudTrail monitors activity.

VPC Flow Logs, on the other hand, record the traffic entering and leaving the network. For example, they show whether a connection from a computer to your EC2 instance was accepted or rejected. That is, VPC Flow Logs tell you who is accessing your VMs, while CloudTrail tells you who is accessing your AWS account.

Briefly summarized as:

  • CloudWatch: What is going on in AWS? Logs everything about a specific service or application.
  • CloudTrail: Who does what on AWS? Includes records of API calls to services or resources.
  • VPC Flow Logs: Who transfers data over which IP flows between network interfaces within a given VPC?


Origin juejin.im/post/7086996556825985055