# Configure Flow Logs

{% hint style="info" %}
**Prerequisite:** Ensure you have an user-owned bucket in IONOS Cloud Object Storage and you have the write access permissions to it.\
To create an IONOS Cloud Object Storage bucket, see [<mark style="color:blue;">IONOS Cloud Object Storage</mark>](https://docs.ionos.com/sections-test/guides/storage-and-backup/ionos-object-storage).
{% endhint %}

## Create a flow log

1\. In the Inspector pane, open the **Settings** tab.

2\. To activate flow logs, open the **Flowlog** drop-down and fill in the following fields:

* **Name**: Enter a name for the flow log rule. The name will also be the first part of the objects' name prefix.
* **Direction**: Choose **Ingress** to create flow logs for incoming traffic, **Egress** for outgoing traffic, or **Bidirectional** to create flow logs for all traffic.
* **Action**: Choose **Rejected** to capture only traffic blocked by the firewall, **Accepted** to capture only traffic allowed by the firewall, or **Any** for all traffic.
* **Target Object Storage bucket**: Enter a valid existing IONOS Cloud Object Storage name for the user-owned bucket and an optional object name prefix where flow log records should be written.
* **Add flow log**: To complete the configuration of the flow log. It becomes applied once you provision your changes.

![Creating a flow log in the properties of NIC](https://1737632334-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MifAzdGvKLDTtvJP8sm%2Fuploads%2Fgit-blob-210baa2aeeb22b27064adc981d1092f9d3702af6%2Falb-flow-logs.png?alt=media)

As a result, an activated flow log rule is indicated by a green light in the properties of the NIC. A green light indicates that the configuration has been validated and is valid for provisioning.

3\. Select **PROVISION CHANGES**. After provisioning is complete, the network interface flow logs are activated.

## Delete a flow log

1\. In the Inspector pane, open the **Settings** tab.

2\. Open the **Flowlog** drop-down list.

3\. Select the delete icon to delete the flow log.

4\. In the confirmation message, select **OK**.

Select **PROVISION CHANGES**. After provisioning is complete, the network interface's flow logs are deleted and no longer captured.

{% hint style="info" %}
**Note:** Deleting a flow log does not delete the existing log streams from your bucket. Existing flow log data must be deleted using the respective service's console. In addition, deleting the flow log that is published to IONOS Cloud Object Storage does not remove the bucket policies and log file access control lists (ACLs).
{% endhint %}