fbpx
Back Arrow Back to All Integrations

AWS: VPC Flow Logs

AWS: VPC Flow Logs

Before configuring AWS VPC Flow Logs, we recommend reviewing Blumira’s AWS Getting Started Guide.
 

In order to enable broad Blumira coverage for AWS, you will want to follow these configurations steps:

  1. Configure AWS Kinesis Data Stream and IAM
  2. Configure AWS CloudTrail
  3. Configure AWS CloudWatch
  4. Configuring AWS VPC Flow Logs (Continue Below)
  5. Configure AWS GuardDuty

VPC Flow Logs Configuration

  1. Open VPC from the AWS console and select VPCs
     
  2. Select the VPC you wish to ingest logs from, select Flow logs, then Create flow log

     

  3. Complete the VPC flow log configuration by entering the appropriate name, filter, destination, log group, and IAM role. Note: if an existing role hasn’t been configured, clicking Set up permissions will aid in creating this for you, as pictured in the following step.
     
  4. If a service role for allowing VPC Flow Logs to put logs into a CloudWatch log group does not already exist, use the below as a guide for creating that IAM configuration by clicking Set up permissions as pictured in the previous image.
     
  5. Repeat for each VPC you wish to ingest logs from (using the same IAM role)

Now that you’ve configured AWS: VPC Flow Logs for Blumira, continue to the next step in configuring AWS for Blumira – configure AWS: GuardDuty >