VPC Update: VPC flow log for c3 ,cc3 and p2 computing flavors

Flexible Engine
Release Notes

April 15, 2020

The Virtual Private Cloud service on Flexible Engine has been updated to support VPC Flow Logs, that capture traffic information which is then viewable through the Log Tank Service.

New feature

VPC Flow Log

Feature description:

Flow Log is a feature that allows you to capture information about the IP traffic going to and from network interfaces. Flow Log is publishing the records to Log Tank Service allowing you to search and view the data.
This is a feature of VPC using an agent installed on the host that will be responsible to capture the traffic log and to send it to the Log Tank Service.

Feature usage:

The feature will help you for:
• Troubleshooting – to troubleshoot why specific traffic is not reaching your instance ( ex. diagnose overly restrictive security group rules).
• Security /audit : monitor & audit the traffic that is reaching your instance using flow logs as a security tool

You can find more info about VPC Flow Logs on the Help Center of Flexible Engine.

Feature limitations:

The feature is available only for the ECS flavors: cc3, c3 and p2.
For every log type (accept, deny, all), the feature will capture max 400 000 flow logs (about 40MB).
By default, you can create a maximum of 10 VPC flow logs.
The feature is not available for the BMS or ECS s3, h1 and d2 flavors.

Flexible EngineRelease Notes

Flexible Engine
Release Notes