Working with VPC Flow Logs for Network Monitoring in AWS

This hands-on lab gives you the opportunity to work with VPC Flow Logs. It will teach various ways to review VPC Flow Logs and monitor networks. A common way people evaluate VPC Flow Logs is by sending them to CloudWatch. Once they're in CloudWatch, people can create metrics, then set alarms based on those metrics. Additionally, it's possible to export CloudWatch Logs to S3. In fact, it's possible to export VPC Flow Logs directly to S3. The advantages of this are cost savings and ease of use. In this hands-on lab, we will go through the process of exporting VPC Flow Logs to S3, as well as use Amazon Athena to query those Flow Logs.


Level: Advanced
Duration: 1h 0m
Published: Sep 09, 2021

Table of Contents

  1. Challenge

    Create an S3 Bucket

    1. Navigate to S3.
    2. Click Create Bucket.
    3. Give the bucket a unique name (e.g., "vpcflow4learningactivity" and a series of numbers at the end, like the account ID of the AWS account provisioned with the lab, to make it globally unique).
    4. Click Next three times.
    5. Click Create Bucket.
    6. Click to open your newly created bucket.
    7. Click Create folder.
    8. In the box next to the folder, enter "AWSLogs".
    9. Click Save.
    10. Click Create folder.
    11. In the box next to the folder, enter "QueryResults".
    12. Click Save.
  2. Challenge

    Configure VPC Flow Logs

    1. Navigate to VPC > Your VPCs.
    2. Select the LinuxAcademy VPC.
    3. Click Actions > Create flow log.
    4. Set the following values:
      • Filter: All
      • Destination: Send to an S3 bucket
      • S3 bucket ARN: arn:aws:s3:::<YOUR_BUCKET_NAME>
    5. Click Create.
    6. Click the Flow Logs tab to verify the flow log exists.
  3. Challenge

    Create and Query a Sample Table in Amazon Athena

    1. In Athena, specify the QueryResults folder in the S3 bucket as the query results location.
    2. Use the Athena tutorial to create a sample table.
    3. Run a select * from query on the table.
    4. Edit the query by replacing * with request_ip and run it again.
  4. Challenge

    Configure and Query the VPC Flow Logs

    1. In S3, verify that logs have populated the AWSLogs folder in the vpcflow4learningactivity bucket.
    2. In Athena, run the scripts provided on the lab page.
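
The lab's own Athena scripts are not reproduced on this page. As an added example (not the lab's scripts), the statements below define a table over flow logs delivered to S3 in the default record format and run two monitoring queries against it. The table name, column names, and the <YOUR_BUCKET_NAME>, <ACCOUNT_ID> and <REGION> placeholders are assumptions to replace with your own values.

```sql
-- Added example, not the lab's scripts. Values in <...> are placeholders.
-- Columns map positionally onto the default space-delimited flow log record;
-- the column names themselves are this example's choice.
CREATE EXTERNAL TABLE IF NOT EXISTS vpc_flow_logs (
  version       int,
  account_id    string,
  interface_id  string,
  srcaddr       string,
  dstaddr       string,
  srcport       int,
  dstport       int,
  protocol      int,      -- IANA protocol number (6 = TCP, 17 = UDP, 1 = ICMP)
  packets       bigint,
  bytes         bigint,
  start_time    bigint,   -- Unix seconds, start of the capture window
  end_time      bigint,   -- Unix seconds, end of the capture window
  action        string,   -- ACCEPT or REJECT
  log_status    string    -- OK, NODATA or SKIPDATA
)
ROW FORMAT DELIMITED
FIELDS TERMINATED BY ' '
-- Athena reads every object under this prefix, including the yyyy/mm/dd subfolders.
LOCATION 's3://<YOUR_BUCKET_NAME>/AWSLogs/<ACCOUNT_ID>/vpcflowlogs/<REGION>/'
-- Each delivered log file starts with a header line naming the fields.
TBLPROPERTIES ("skip.header.line.count"="1");

-- Which sources are being blocked most often, and on which ports?
-- Records with log_status NODATA/SKIPDATA carry '-' in the numeric fields,
-- which load as NULL; the action filter excludes them.
SELECT srcaddr, dstport, protocol,
       count(*)     AS flows,
       sum(packets) AS packets
FROM vpc_flow_logs
WHERE action = 'REJECT'
GROUP BY srcaddr, dstport, protocol
ORDER BY flows DESC
LIMIT 25;

-- Accepted TCP flows to remote-administration ports (SSH, RDP), newest first.
-- Useful for confirming that security groups only admit expected sources.
SELECT from_unixtime(start_time) AS window_start,
       interface_id, srcaddr, dstaddr, dstport, bytes
FROM vpc_flow_logs
WHERE action = 'ACCEPT'
  AND protocol = 6
  AND dstport IN (22, 3389)
ORDER BY start_time DESC
LIMIT 50;
```

Run each statement separately in the Athena query editor. The table is unpartitioned for simplicity, so every query scans all delivered log files under the prefix.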

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!
