Posted On: Mar 3, 2021

You can now add four additional metadata fields in your Amazon Virtual Private Cloud (Amazon VPC) flow logs, namely flow-direction, traffic-path, pkt-src-aws-service and pkt-dst-aws-service. With these enriched fields you can derive insights into the AWS services that your workloads are communicating with, differentiate between ingress and egress traffic flows and identify the next hop of your egress traffic, such as an internet gateway, a VPC peering connection or a virtual private gateway.
Enriched metadata fields in VPC flow logs can reduce the cost and operational overhead associated with the additional computations or lookups required to extract meaningful information from log data in a centralized log processing system. You can monitor your VPC traffic by capturing VPC flow logs with these enriched metadata fields and analyze them to better understand your network and application dependencies and data transfer or data processing charges.
To get started, simply create a new flow log subscription with a custom log format including the four new metadata fields. You can also include additional metadata fields from the full list of available fields.
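As an added example (not AWS code), the following Python parses records written with such a custom format and totals accepted egress traffic by next hop and destination AWS service; the field order, the sample records and the traffic-path code meanings are assumptions noted in the comments.

```python
# Added example (not AWS code): parse flow log records written with a custom
# format and total accepted egress bytes by next hop and destination service.
from collections import Counter

# Custom format the subscription would be created with (same ${field} syntax
# as the console's custom format / the CLI --log-format option); constructed.
LOG_FORMAT = ("${srcaddr} ${dstaddr} ${dstport} ${protocol} ${bytes} ${action} "
              "${flow-direction} ${traffic-path} "
              "${pkt-src-aws-service} ${pkt-dst-aws-service}")

# Assumption: traffic-path code meanings as given in the VPC Flow Logs field
# reference at the time of writing; check against the current documentation.
TRAFFIC_PATH = {
    "1": "same-VPC resource", "2": "internet gateway / gateway endpoint",
    "3": "virtual private gateway", "4": "intra-region VPC peering",
    "5": "inter-region VPC peering", "6": "local gateway",
    "7": "gateway VPC endpoint (Nitro)", "8": "internet gateway (Nitro)",
}

def field_names(log_format):
    """'${a} ${b}' -> ['a', 'b'], so records can be read positionally."""
    return [t[2:-1] for t in log_format.split() if t.startswith("${") and t.endswith("}")]

def parse_record(line, log_format=LOG_FORMAT):
    """Map one space-separated record to its field names; '-' (unavailable) -> None."""
    names, values = field_names(log_format), line.split()
    if len(values) != len(names):
        raise ValueError(f"expected {len(names)} fields, got {len(values)}")
    return {n: (None if v == "-" else v) for n, v in zip(names, values)}

def summarise_egress(lines, log_format=LOG_FORMAT):
    """Accepted egress bytes per (next hop, destination AWS service or 'non-AWS')."""
    totals = Counter()
    for line in lines:
        rec = parse_record(line, log_format)
        if rec["flow-direction"] != "egress" or rec["action"] != "ACCEPT":
            continue
        hop = TRAFFIC_PATH.get(rec["traffic-path"] or "", "unknown")
        totals[(hop, rec["pkt-dst-aws-service"] or "non-AWS")] += int(rec["bytes"])
    return totals

# Constructed sample records in LOG_FORMAT order (all values are made up).
SAMPLE = [
    "10.0.1.5 52.216.10.20 443 6 8192 ACCEPT egress 2 - S3",
    "10.0.1.5 203.0.113.9 443 6 4096 ACCEPT egress 8 - -",
    "10.0.1.5 10.1.0.7 5432 6 2048 ACCEPT egress 4 - -",
    "198.51.100.3 10.0.1.5 22 6 100 REJECT ingress - - -",
    "10.0.1.5 52.216.10.21 443 6 512 ACCEPT egress 2 - S3",
]
```

Running `summarise_egress(SAMPLE)` groups the accepted egress bytes by next hop and service, which is the kind of breakdown the new fields make possible without address lookups.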
This functionality is available at no additional charge through the AWS Management Console, the AWS Command Line Interface (AWS CLI), and the AWS Software Development Kit (AWS SDK). To learn more about Amazon VPC flow logs, please refer to the documentation.