Back Arrow Back to All Integrations

AWS: VPC Flow Logs

AWS: VPC Flow Logs

Integrating with AWS VPC Flow Logs

Click here for the most updated version of this documentation.


Before configuring AWS VPC Flow Logs, we recommend reviewing Blumira’s AWS Getting Started Guide.


Sign Up For Your Free Account Today

Get your free account with Blumira and secure your Microsoft 365 environment in minutes. No credit card required.


Free Trial

VPC Flow Logs Configuration

  1. Open VPC from the AWS console and select VPCs
  2. Select the VPC you wish to ingest logs from, select Flow logs, then Create flow log
  3. Complete the VPC flow log configuration by entering the appropriate name, filter, destination, log group, and IAM role. Note: if an existing role hasn’t been configured, clicking Set up permissions will aid in creating this for you, as pictured in the following step.
  4. If a service role for allowing VPC Flow Logs to put logs into a CloudWatch log group does not already exist, use the below as a guide for creating that IAM configuration by clicking Set up permissions as pictured in the previous image.
  5. Repeat for each VPC you wish to ingest logs from (using the same IAM role)

Now that you’ve configured AWS: VPC Flow Logs for Blumira, continue to the next step in configuring AWS for Blumira – configure AWS: GuardDuty >