Flow log record
Last updated
Last updated
A flow log record is a record of a network flow in your virtual data center (). By default, each record captures a network internet protocol (IP) traffic flow, groups it, and is enhanced with the following information:
Account ID of the resource
Unique identifier of the network interface
The flow's status, indicating whether it was accepted or rejected by the software-defined networking (SDN) layer
The flow log record is in the following format:
The following table describes all of the available fields for a flow log record.
version
string
The flow log version. Version 2 is the default.
2
account-id
string
The IONOS Cloud account ID of the owner of the resource containing the interface for which flow logs are collected.
12345678
interface_id
string
The interface unique identifier (UUID) for which flow logs are collected.
7ffd6527-ce80-4e57-a949-f9a45824ebe2
srcaddr
string
The source address for incoming traffic, or the IPv4 address of the network interface for outgoing traffic.
172.17.1.100
dstaddr
string
The destination address for outgoing traffic, or the IPv4 address of the network interface for incoming traffic.
172.17.1.101
srcport
uint16
The source port from which the network flow originated.
59113
dstport
uint16
The destination port for the network flow.
20756
protocol
uin8
The Internet Assigned Numbers Authority (IANA) protocol number of the traffic. For more information, see Assigned Internet Protocol Numbers
6
packets
uint64
The number of packets transferred during the network flow capture window.
17
bytes
uint64
The number of bytes transferred during the network flow capture window.
1325
start
string
The timestamp, in UNIX EPOCH format, of when the first packet of the flow was received within the grouping interval.
1587983051
end
string
The timestamp, in UNIX EPOCH format, of when the last packet of the flow was received within the grouping interval.
1587983052
action
string
The action associated with the traffic:
ACCEPT: traffic accepted by the firewall
REJECT: traffic rejected by the firewall
ACCEPT
log-status
string
The flow log logging status:
OK: normal flow logging
SKIPDATA: Some flow log records were skipped during the grouping interval
OK
The following are examples of flow log records that capture specific traffic flows. For information on how to create flow logs, see configure flow logs
In this example, traffic to the network interface 7ffd6527-ce80-4e57-a949-f9a45824ebe2
for the account 12345678
was accepted.
In this example, traffic to the network interface 7ffd6527-ce80-4e57-a949-f9a45824ebe2
for the account 12345678
was rejected.