Create a Flow Log for VPC or Subnet in AWS

Requirements:

1. Create a Flow Logs Role
2. Create a Destination Log Group

Create a flow log for a VPC or a subnet

1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

2. In the navigation pane, choose Your VPCs, or choose Subnets.

3. Select your VPC or subnet, choose the Flow Logs tab, and then Create Flow Log.
   
   
   Note:

   To create flow logs for multiple VPCs, choose the VPCs, and then select Create Flow Log from the Actions menu. To create flow logs for multiple subnets, choose the subnets, and then select Create Flow Log from the Subnet Actions menu.

4. In the dialog box, complete following information. When you are done, choose Create Flow Log:
   
   

   • Filter: Select whether the flow log should capture rejected traffic, accepted traffic, or all traffic.

   • Role: Specify the name of an IAM role that has permission to publish logs to CloudWatch Logs.

   • Destination Log Group: Enter the name of a log group in CloudWatch Logs to which the flow logs will be published. You can use an existing log group, or you can enter a name for a new log group, which we'll create for you.

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.