# Overview
Use the Flow logs feature to capture data that is related to IPv4 and IPv6 network traffic flows. Flow logs can be enabled for each network interface of a [Virtual Machine (VM)](https://docs.ionos.com/cloud/support/general-information/glossary-of-terms#virtual-machine-vm) instance, as well as the public interfaces of the [Managed Network Load Balancer (NLB)](/cloud/network-services/network-load-balancer/overview.md) and [Managed Network Address Translation (NAT) Gateway](/cloud/network-services/nat-gateway/overview.md).
Flow logs can help you with several tasks such as:
* Debugging connectivity and security issues
* Monitoring network throughput and performance
* Logging data to ensure that firewall rules are working as expected
Flow logs are stored in a customer space.vars.ionos\_cloud\_object\_storage bucket, which you configure when you create a flow log collector.
{% hint style="info" %}
**Note:** Flow logs operate in user-owned buckets, capturing network traffic flow data for IPv4 and IPv6 addresses, but they are not supported in contract-owned buckets.
{% endhint %}
## Network traffic flows
A network traffic flow is a sequence of packets sent from a specific source to a specific unicast, anycast, or multicast destination. A flow could be made up of all packets in a specific transport connection or a media stream. However, a flow is not always mapped to a transport connection one-to-one.
A flow consists of the following network information:
* Source [IP address](https://docs.ionos.com/cloud/support/general-information/glossary-of-terms#ip-address)
* Destination IP address
* Source port
* Destination port
* Internet protocol
* Number of packets
* Bytes
* Capture start time
* Capture end time
## Core concepts
* Flow log data for a monitored network interface is stored as flow log records, which are log events containing fields that describe the traffic flow. For more information, see [Flow Log Record](/cloud/network-services/flow-logs/record-example.md).
* Flow log records are written to flow logs, which are then stored in a user-defined [IONOS CLOUD Object Storage bucket](/cloud/backup-and-storage/ionos-object-storage.md) from where they can be accessed.
* You can export, process, analyze, and visualize flow logs using tools, such as Security Information and Event Management (SIEM) systems, Intrusion Detection Systems (IDS), [Cyberduck](https://cyberduck.io), [Logstash](https://www.elastic.co/logstash/), etc.
* Traffic flows in your network are captured based on the defined rules.
* Flow logs are collected at a **10-minute** rotation interval and have no impact on customer resources or network performance. Statistics about a traffic flow are collected and aggregated during this time to create a flow log record.
* Flow logs can capture network traffic flow data for IPv4 and IPv6 addresses in [user-owned buckets](/cloud/backup-and-storage/ionos-object-storage/concepts/bucket-types.md).
{% hint style="info" %}
**Note:** No flow log file will be created if no flows for a particular bucket are received during the log rotation interval. This prevents empty objects from being uploaded to the space.vars.ionos\_cloud\_object\_storage.
{% endhint %}
* The flow log file's name is prefixed with an optional object prefix, followed by a Unix timestamp and the file extension `.log.gz`. Example: `flowlogs/webserver01-1629810635.log.gz`.
* Flow logs are retained in the space.vars.ionos\_cloud\_object\_storage bucket until they are manually deleted. Alternatively, you can configure objects to be deleted automatically after a predefined time using a Lifecycle Policy for an object in the space.vars.ionos\_cloud\_object\_storage. For more information, see [Delete objects](/cloud/backup-and-storage/ionos-object-storage/how-tos/manage-objects-folders.md#delete-objects).
* The space.vars.ionos\_cloud\_object\_storage owner of the object is an space.vars.ionos\_cloud internal technical user named [flowlogs@cloud.ionos.com](mailto:flowlogs@cloud.ionos.com) with **Canonical ID 31721881|65b5d54-8b1b-459c-9d46-3696d9beaf**.
{% hint style="danger" %}
**Warning:** It is advisable to never delete the space.vars.ionos\_cloud internal technical user from your bucket as this disables the flow log service. The bucket owner also receives full permissions to the flow log objects per default.
{% endhint %}
## Limitations
This section lists the limitations of Flow logs:
* You cannot change the configuration of a flow log or the flow log record format after it has been created. In the flow log record, you cannot add or remove fields. Instead, delete the flow log and create a new one with the necessary settings.
* Flow logs do not operate on contract-owned buckets. However, flow logs can capture network traffic flow data for IPv4 and IPv6 addresses in user-owned buckets.
* There is a limit of one flow log created per NIC, Managed NAT Gateway, and Managed Network Load Balancer.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.ionos.com/cloud/network-services/flow-logs/overview.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.