The information you are about to copy is INTERNAL!
DO NOT share it with anyone outside Check Point.
Create a CloudGuard Dome9 Flow Log for VPC or Subnet in AWS
| Solution ID |
sk144753 |
| Product |
CloudGuard Dome9 |
| Version |
All |
| Date Created |
21-Jan-2019
|
| Last Modified |
21-Jan-2019
|
Solution
Create a Flow Log for VPC or Subnet in AWS
Create a Flow Log for VPC or Subnet in AWS
Requirements:
- Create a Flow Logs Role
- Create a Destination Log Group
Create a flow log for a VPC or a subnet
-
Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
-
In the navigation pane, choose Your VPCs, or choose Subnets.
-
Select your VPC or subnet, choose the Flow Logs tab, and then Create Flow Log.
Note:
To create flow logs for multiple VPCs, choose the VPCs, and then select Create Flow Log from the Actions menu. To create flow logs for multiple subnets, choose the subnets, and then select Create Flow Log from the Subnet Actions menu.
-
In the dialog box, complete following information. When you are done, choose Create Flow Log:
-
Filter: Select whether the flow log should capture rejected traffic, accepted traffic, or all traffic.
-
Role: Specify the name of an IAM role that has permission to publish logs to CloudWatch Logs.
-
Destination Log Group: Enter the name of a log group in CloudWatch Logs to which the flow logs will be published. You can use an existing log group, or you can enter a name for a new log group, which we'll create for you.
|
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.
|
