Enable Flow Logs
Flow logs can help you with a number of tasks such as:
- Debugging connectivity and security issues
- Monitoring network throughput and performance
- Logging data to ensure that firewall rules are working as expected
Flow logs are stored in a customer’s IONOS S3 Object Storage bucket, which you configure when you create a flow log collector.
A network traffic flow is a sequence of packets sent from a specific source to a specific unicast, anycast, or multicast destination. A flow could be made up of all packets in a specific transport connection or a media stream. However, a flow is not always mapped to a transport connection one-to-one.
A flow consists of the following network information:
- Traffic flows in your network are captured in accordance with the defined rules.
- Flow logs are collected at a 10-minute rotation interval and have no impact on customer resources or network performance. Statistics about a traffic flow are collected and aggregated during this time period to create a flow log record.
- The flow log file's name is prefixed with an optional object prefix, followed by a Unix timestamp and the file extension
.log.gz, for example, flowlogs/webserver01-1629810635.log.gz.
- Flow logs are retained in the IONOS S3 Object Storage bucket until they are manually deleted. Alternatively, you can configure objects to be deleted automatically after a predefined time period using a Lifecycle Policy for an object in the IONOS S3 Object Storage.
To use flow logs, you need to be aware of the following limitations:
- You can't change the configuration of a flow log or the flow log record format after it's been created. In the flow log record, for example, you can't add or remove fields. Instead, delete the flow log and create a new one with the necessary settings.
- There is a limit of one flow log created per NIC, NAT Gateway, and Network Load Balancer.