What

VPC Flow Logs capture the IP traffic going to and from network interfaces in your VPC (connection metadata only, not packet contents)

Some Info

Log Level (the resource the flow log is attached to)

  1. VPC
  2. Subnet
  3. ENI

Log Info

  1. src/dst addr
  2. src/dst port
  3. action (ACCEPT/REJECT, i.e. success/failure)

Log Destination

  1. CloudWatch
  2. S3 Bucket

Visibility/Dashboard

  1. Logs Insights (CloudWatch)
  2. Athena (S3)

Some Debug Tips

  1. Outbound/Inbound failure (REJECT on the request) -> NACL or SG
  2. Outbound/Inbound success but the return traffic is rejected -> NACL (it is stateless; the SG is stateful and automatically allows the return packets)
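Added example (not part of these notes): a small Python script that parses default-format VPC Flow Log records, pairs each request with its reply, and applies the two debug tips above to each conversation. The account id, ENI id and addresses in the sample records are constructed; the "lower port is the service port" rule used to tell request from reply is a heuristic, not something flow logs record.

```python
# Parse default-format VPC Flow Log records and diagnose each conversation
# with the two debug tips: request REJECTed -> NACL or SG; request ACCEPTed
# but reply REJECTed -> NACL (stateless), since the SG auto-allows replies.
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, Iterable, Optional, Tuple

# Field order of the default VPC Flow Log record (version 2).
FIELDS = ("version", "account_id", "interface_id", "srcaddr", "dstaddr",
          "srcport", "dstport", "protocol", "packets", "bytes",
          "start", "end", "action", "log_status")

# Verdicts and the debugging hint each one implies.
OK = "OK"                               # ACCEPT in both directions
BLOCKED = "BLOCKED_NACL_OR_SG"          # request REJECTed (tip 1)
RETURN_BLOCKED = "RETURN_BLOCKED_NACL"  # request ACCEPTed, reply REJECTed (tip 2)
NO_REPLY = "NO_REPLY"                   # request ACCEPTed, nothing logged back
MIXED = "MIXED"                         # request both ACCEPTed and REJECTed
UNKNOWN = "UNKNOWN"                     # only reply-direction records seen
HINTS = {
    OK: "traffic allowed in both directions",
    BLOCKED: "request rejected: check the NACL and the security group",
    RETURN_BLOCKED: "reply rejected: check the NACL ephemeral-port rule; the SG already allows return traffic",
    NO_REPLY: "request allowed but no reply logged; the peer may not be answering",
    MIXED: "request both allowed and rejected in this window; rules may have changed",
    UNKNOWN: "no request-direction record seen for this conversation",
}


@dataclass(frozen=True)
class FlowRecord:
    interface_id: str
    srcaddr: str
    dstaddr: str
    srcport: int
    dstport: int
    protocol: int
    action: str  # "ACCEPT" or "REJECT"


def parse_record(line: str) -> Optional[FlowRecord]:
    """Return a FlowRecord for an OK record; None for malformed, NODATA or SKIPDATA lines."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":  # NODATA/SKIPDATA records carry '-' instead of addresses
        return None
    return FlowRecord(rec["interface_id"], rec["srcaddr"], rec["dstaddr"],
                      int(rec["srcport"]), int(rec["dstport"]),
                      int(rec["protocol"]), rec["action"])


def is_request(r: FlowRecord) -> bool:
    # Heuristic: a request is sent toward the service port (the lower one);
    # the reply comes back from it to the client's ephemeral (higher) port.
    return r.dstport <= r.srcport


Key = Tuple[str, str, int, str, int, int]  # (eni, client, cport, server, sport, proto)


def group_conversations(lines: Iterable[str]) -> Dict[Key, Dict[str, set]]:
    """Group records into client->server conversations with the actions seen per direction."""
    convs: Dict[Key, Dict[str, set]] = defaultdict(lambda: {"request": set(), "reply": set()})
    for line in lines:
        r = parse_record(line)
        if r is None:
            continue
        if is_request(r):
            key = (r.interface_id, r.srcaddr, r.srcport, r.dstaddr, r.dstport, r.protocol)
            convs[key]["request"].add(r.action)
        else:  # reply: flip src/dst so the key is still client->server
            key = (r.interface_id, r.dstaddr, r.dstport, r.srcaddr, r.srcport, r.protocol)
            convs[key]["reply"].add(r.action)
    return convs


def diagnose(conv: Dict[str, set]) -> str:
    req, rep = conv["request"], conv["reply"]
    if {"ACCEPT", "REJECT"} <= req:
        return MIXED
    if "REJECT" in req:
        return BLOCKED
    if "ACCEPT" in req and "REJECT" in rep:
        return RETURN_BLOCKED
    if "ACCEPT" in req and "ACCEPT" in rep:
        return OK
    if "ACCEPT" in req:
        return NO_REPLY
    return UNKNOWN


def diagnose_log(text: str) -> Dict[Key, str]:
    return {k: diagnose(c) for k, c in group_conversations(text.splitlines()).items()}


# Constructed sample records (default format, one ENI): an SSH session that works,
# an inbound HTTPS request that is rejected, an outbound HTTP request whose reply
# is rejected (missing NACL ephemeral-port rule), and a NODATA record to skip.
SAMPLE_LOG = """\
2 111122223333 eni-0a1b2c3d4e5f60001 10.0.1.10 10.0.2.20 40001 22 6 12 2300 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0a1b2c3d4e5f60001 10.0.2.20 10.0.1.10 22 40001 6 10 1800 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0a1b2c3d4e5f60001 198.51.100.7 10.0.1.10 50022 443 6 3 180 1700000000 1700000060 REJECT OK
2 111122223333 eni-0a1b2c3d4e5f60001 10.0.1.10 203.0.113.9 51234 80 6 5 400 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0a1b2c3d4e5f60001 203.0.113.9 10.0.1.10 80 51234 6 4 320 1700000000 1700000060 REJECT OK
2 111122223333 eni-0a1b2c3d4e5f60001 - - - - - - - 1700000000 1700000060 - NODATA
"""

if __name__ == "__main__":
    for (eni, client, cport, server, sport, proto), verdict in diagnose_log(SAMPLE_LOG).items():
        print(f"{eni} {client}:{cport} -> {server}:{sport}/{proto}: {verdict} - {HINTS[verdict]}")
```

Run it as-is against the constructed sample to see the three verdicts; to use it on real data, feed the lines exported from CloudWatch or the S3 objects to diagnose_log. Flow logs do not say whether a REJECT came from the NACL or the SG, which is why the request-side verdict names both; only the asymmetric case (request accepted, reply rejected) can be pinned on the stateless NACL.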