This document describes how to create a flow log policy to collect flow logs of ENIs, NAT gateway and CCN cross-region connections.
The FL service for NAT gateway and CCN cross-region connections is currently in beta. To try it out, please submit a ticket.
|Name||The name of the flow log policy.|
|Collection range||This specifies the collection range of the flow log policy. ENI, NAT gateway and CCN are supported.|
|VPC||The VPC where the flow logs are collected.|
|Subnet||The subnet where the flow logs are collected.|
|Collection type||This specifies the type of traffic to be collected by the flow log: All traffic, or the traffic rejected or accepted by security groups or ACL.|
|Logset||This specifies the storage location in CLS for the flow log.
|Log topic||This specifies the minimum dimension of log storage, which is used to distinguish log types, such as “Accept” log.|
|Tag key||An optional parameter. You can create a tag key or select an existing one. It is used for locating and managing flow logs.|
|Tag value||An optional parameter. You can create a tag value or select an existing one. You can also leave it empty.|
- You can view the record of a newly created flow log in CLS after several minutes upon the creation (for example, for a flow log of an ENI, 5 minutes for the capture window and 5 minutes for data publishing).
- FL service is free of charge, but your need to pay for the data stored in CLS. See Billing Overview.
Click Index configuration to confirm that the index has been enabled. If it is disabled, you are unable to search the collected log data.