A full-time, full-flow and non-intrusive traffic collection service that enhances the stability, security and intelligence of your networks
Tencent Cloud Flow Logs (FL) provides you with a full-time, full-flow and non-intrusive traffic collection service, enabling you to store and analyze network traffic in real time for assistance with troubleshooting, architecture optimization, security detection and compliance auditing. With FL, your cloud networks will become more stable, secure and intelligent.
Non-intrusive collection fundamentally circumvents the issue of high consumption of CVM bandwidth and CPU resources by traditional collection methods, helping you build an efficient and stable network monitoring system in the cloud.
Bypass collection eliminates the need to install any plug-ins on the CVMs, effectively clearing off your security concerns and removing the collecting party from any liability in case of failures.
Powerful packet processing collects the ENI traffic across the entire network, enabling full-time and network-wide flow rewinding for tracking purposes and making it easy to implement security auditing and troubleshooting measures.
Real-time data collection of high volumes of network flows helps you analyze business networks in real time, allowing for prompt decision-making and strategic response and reducing network downtime.
FL can be activated in just seconds and is easy to manage, helping you improve OPS efficiency and enabling you to focus more on core business innovations and enhance corporate competitiveness.
Flow logs can be created for VPCs, subnets and EINs. When created for VPCs or subnets, the flow logs of every single EIN on the VPCs or subnets will be collected. A flow log consists of multiple records with the following fields: source IP, destination IP, protocol, packet size, traffic, collection time window and security group or ACL permission.
The collected flow log data can be delivered to CLS for storage and analysis, which supports flow log viewing and multi-keyword search of hundreds of millions of data entries with results returned in seconds.
If CLS fails to meet your log storage and analysis needs due to capacity limitations, you can use CLS to deliver the logs to:
• COS: The COS bucket under your account, for storage and management.
• CAS (coming soon): The CAS archive bucket under your account, for backup storage, satisfying your log auditing needs.
• TDF (coming soon): TDF, meeting your data analytics needs for log data customization.
Network quality is the cornerstone of business stability. With the ability to snapshot failure sites, FL helps you quickly locate failures, rewind the network for tracking purposes and reduce network downtime. Specifically, FL can be used to quickly locate:
1. The CVMs at the root of the issue in cases such as broadcast storms or CVMs with bandwidth overuse;
2. Whether the inaccessibility of the CVMs is due to inappropriate security group or ACL settings.
FL collects network-wide, full-time and full-flow EIN traffic which, through big data analytics and visualization, helps you improve data-driven network OPS capability and optimize network architecture to:
1. Analyze historical network data to build business network benchmarks;
2. Promptly identify performance bottlenecks to reasonably scale up or down;
3. Analyze end users' access regions to appropriately expand business coverage;
4. Analyze network traffic to optimize network security policies.
Adding more traditional traffic checkpoints will degrade the performance of CVMs. In contrast, FL's full-time, full-flow and non-intrusive collection method helps you identify the following network threats, among others, in a timely manner to improve system security without affecting CVM performance:
1. Attempts to connect to a wide range of IPs
2. Communications with known threating IPs
3. Uncommon protocols
Cloud Flow Logs (FL) is free of charge.However, other related products such as Cloud Log Service(CLS) fees may apply.