Posted On: Jun 10, 2015

Amazon VPC Flow Logs is a new feature that allows you to log traffic flows at network interfaces in your Virtual Private Cloud (VPC). You can now create a Flow Log on a VPC, a subnet or an Elastic Network Interface (ENI) in your account. Once created, the Flow Log will capture accepted and rejected traffic flow information for all network interfaces in the selected resource.

Flow Log records are stored using the Amazon CloudWatch Logs service, in a log group that you specify. Flow Log records can be viewed and retrieved using the Amazon CloudWatch Logs console and API. You can also create custom metrics and alarms on the network flow records using CloudWatch metrics.

VPC Flow Logs can be managed from the AWS Management Console, the Command Line Interface (CLI), and the AWS SDK. For more information, refer to the VPC Flow Logs documentation.