lboka/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/vpc/umn/FlowLog_0003.html
Qin Ying, Fan 62b5636b2d VPC UMN 0930 version 
Reviewed-by: Kucerak, Kristian <kristian.kucerak@t-systems.com>
Co-authored-by: Qin Ying, Fan <fanqinying@huawei.com>
Co-committed-by: Qin Ying, Fan <fanqinying@huawei.com>
2022-10-06 14:10:38 +00:00

11 KiB
Raw Permalink Blame History

Creating a VPC Flow Log

Scenarios

A VPC flow log records information about the traffic going to and from a VPC.

Prerequisites

Ensure that the following operations have been performed on the LTS console:

  • Create a log group.
  • Create a log topic.

For more information about the LTS service, see the Log Tank Service User Guide.

Procedure

  1. Log in to the management console.
  1. Click in the upper left corner and select the desired region and project.
  1. On the console homepage, under Network, click Virtual Private Cloud.
  2. In the navigation pane on the left, choose VPC Flow Logs.
  3. In the upper right corner, click Create VPC Flow Log. On the displayed page, configure parameters as prompted.
    Figure 1 Create VPC Flow Log
    Table 1 Parameter descriptions

    Parameter

    Description

    Example Value

    Name

    The VPC flow log name.

    The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

    flowlog-495d

    Resource Type

    The type of resources whose traffic is to be logged. You can select NIC, Subnet, or VPC.

    NIC

    Resource

    The specific NIC whose traffic is to be logged.

    NOTE:

    We recommend that you select an ECS that is in the running state. If an ECS in the stopped state is selected, restart the ECS after creating the VPC flow log for accurately recording the information about the traffic going to and from the ECS NIC.

    N/A

    Filter
    • All traffic: specifies that both accepted and rejected traffic of the specified resource will be logged.
    • Accepted traffic: specifies that only accepted traffic of the specified resource will be logged. Accepted traffic refers to the traffic permitted by the security group or firewall.
    • Rejected traffic: specifies that only rejected traffic of the specified resource will be logged. Rejected traffic refers to the traffic denied by the firewall.

    All

    Log Group

    The log group created in LTS.

    lts-group-wule

    Log Topic

    The log topic created in LTS.

    LogTopic1

    Description

    Supplementary information about the VPC flow log. This parameter is optional.

    The VPC flow log description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

    N/A

    Only two flow logs, each with a different filter, can be created for a single resource under the same log group and log topic. Each VPC flow log must be unique.

  4. Click OK.
Parent topic: VPC Flow Log