Amazon VPC Flow

Version: Amazon VPC Flow

VPC Flow logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. Flow logs can help you with several tasks, such as:
  • Monitoring the traffic that is reaching your instance.
  • Determining the direction of the traffic to and from the network interfaces.
Netsurion AWS Lambda function can help you integrate AWS for forwarding VPC Flow logs to the Netsurion manager. After combining the VPC flow, we can visualize traffic flowing through the AWS environment via the Netsurion dashboard. These traffic details can also be exported using the flex report feature, which contains information about the identity of the source, destination, and EC2 instance details generated in this flow.
Netsurion monitors VPC Flow logs, and they are given as below:
  • Operation – Traffic accepted, rejected

Once Amazon VPC flow is configured to forward logs to Netsurion, dashboards and reports can be configured into Netsurion.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type Name Description
Security Amazon VPC Flow - Traffic This report will provide details related to traffic generated on Amazon VPC like information related to identity of source and destination, generated flow along with EC2 instance details, protocol, source port and destination port.

Documentation

The configuration details are consistent with the Netsurion Open XDR platform version 9.3 and later, and Amazon Web Services.

Download Integration Guide and How-to Guide for more information and to configuration instructions.