This document describes how to create a flow log policy to collect flow logs of ENIs, NAT gateway and CCN cross-region connections.
Note:The FL service for NAT gateway and CCN cross-region connections is currently in beta. To try it out, please submit a ticket.
Prerequisites
- You have created a logset and log topic:
- The Advanced analysis dashboard is only available for “flowlog_logset” logsets marked with “Flowlog” and the log topics under them. For more information, see Configuring Logsets and Log Topics.
- If you do not use the advanced analysis dashboard, you can select any logset and log topic. You can Create Logsets and Log Topics without the “Flowlog” mark via the CLS console, or Configure Logsets and Log Topics with the “Flowlog” mark via the FL console.
Directions
Creating a flow log policy
- Log in to the VPC console and select Flow Log > Flow Log in the left sidebar.
- In the upper-left corner of the Flow Logs page, choose the target region. Click + New and configure the following parameters in the pop-up dialog box.
Field Description Name The name of the flow log policy. Collection range This specifies the collection range of the flow log policy. ENI, NAT gateway and CCN are supported. VPC The VPC where the flow logs are collected. Subnet The subnet where the flow logs are collected. Collection type This specifies the type of traffic to be collected by the flow log: All traffic, or the traffic rejected or accepted by security groups or ACL. Logset This specifies the storage location in CLS for the flow log. Log topic This specifies the minimum dimension of log storage, which is used to distinguish log types, such as “Accept” log. Tag key An optional parameter. You can create a tag key or select an existing one. It is used for locating and managing flow logs. Tag value An optional parameter. You can create a tag value or select an existing one. You can also leave it empty. - Click OK.Note
- You can view the record of a newly created flow log in CLS after several minutes upon the creation (for example, for a flow log of an ENI, 5 minutes for the capture window and 5 minutes for data publishing).
- FL service is free of charge, but your need to pay for the data stored in CLS. See Billing Overview.
Viewing log information
- About 10 minutes after the flow log is created, click View at the right of the target flow log to enter the Search and analysis page in CLS.
- On this page, you can select the region, logset, log topic and time. You can also customize the filter conditions. Click Search and analysis to query the log information under specified conditions.
Note:
Click Index configuration to confirm that the index has been enabled. If it is disabled, you are unable to search the collected log data.
Yes
No
Was this page helpful?