AWS/FlowLog
- Find
Logs > Logs Insights
- Search VPCFlowLogs
- Flow logs is network packet flow logs, can be used for advanced troubleshooting and monitoring.
Once enabled, captured under CloudWatch vpc-flow-log/vpc-00123456-acct-name
e.g. filter for Logs Insights
filter protocol == '6' and dstPort == 443 and substr(srcAddr, 0,6) != '10.20' | stats count() by srcAddr