McAfee MVISION Cloud

Enable Amazon VPC Flow Logs for MVISION Cloud

Amazon Virtual Private Cloud (VPC) Flow Logs allow you to capture IP traffic information going to and from network interfaces in your VPC. Flow log data can be published to Amazon CloudWatch Logs or Amazon S3. In MVISION Cloud you can view VPC Flow Log data in the Resources Connection View when you enable the feature for Configuration Audit. 

For more information, see VPC Flow Logs.

Prerequisites

Provide the Minimum Permissions to the MVISION Cloud IAM role. For details, see Configure MVISION Cloud IAM Roles for AWS.

Configure VPC Flow Logs in AWS

  1. Log in to the AWS console.
  2. Go to the VPC service page and select the VPC where you want to enable Flow Logs.
  3. Select the Flow Logs tab.
  4. Click Create Flow Logs.
    (Screenshot: VPC service page)
  5. The configuration page for Flow Logs opens.
  6. For Destination, select CloudWatch or S3 Bucket and add the required configuration information. For example, if an S3 bucket is your destination, add the S3 bucket ARN.
  7. For Filter, select All.
  8. For Log record format, select AWS default format.
  9. Click Create.
    (Screenshot: Create Flow Log page)
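To confirm that an existing flow log matches the settings above (Filter = All, AWS default record format, a CloudWatch or S3 destination) before enabling the feature in MVISION Cloud, the following added example checks the JSON returned by `aws ec2 describe-flow-logs`. It is not part of the MVISION Cloud documentation; the flow log IDs, VPC IDs and destinations in the sample are constructed placeholders.

```python
# Added example, not MVISION Cloud or AWS code: validates describe-flow-logs output.

# Record format that the console's "AWS default format" option selects.
AWS_DEFAULT_LOG_FORMAT = (
    "${version} ${account-id} ${interface-id} ${srcaddr} ${dstaddr} "
    "${srcport} ${dstport} ${protocol} ${packets} ${bytes} ${start} ${end} "
    "${action} ${log-status}"
)

def _findings_for(fl: dict) -> list[str]:
    """Findings for one FlowLogs entry; an empty list means it satisfies the procedure."""
    fid = fl.get("FlowLogId", "<unknown>")
    out = []
    if fl.get("FlowLogStatus") != "ACTIVE":
        out.append(f"{fid}: status {fl.get('FlowLogStatus')!r}, expected 'ACTIVE'")
    if fl.get("TrafficType") != "ALL":
        out.append(f"{fid}: filter {fl.get('TrafficType')!r}, expected 'ALL'")
    if fl.get("LogDestinationType") not in ("cloud-watch-logs", "s3"):
        out.append(f"{fid}: unsupported destination type {fl.get('LogDestinationType')!r}")
    if not (fl.get("LogDestination") or fl.get("LogGroupName")):
        out.append(f"{fid}: no log destination set")
    if fl.get("LogFormat") != AWS_DEFAULT_LOG_FORMAT:
        out.append(f"{fid}: custom log format, expected the AWS default format")
    return out

def check_vpc_flow_logs(describe_output: dict, vpc_id: str) -> list[str]:
    """Return [] when at least one flow log on vpc_id meets the requirements,
    otherwise the findings for every flow log attached to that VPC."""
    logs = [f for f in describe_output.get("FlowLogs", []) if f.get("ResourceId") == vpc_id]
    if not logs:
        return [f"{vpc_id}: no flow log configured"]
    per_log = [_findings_for(f) for f in logs]
    if any(not findings for findings in per_log):
        return []
    return [item for findings in per_log for item in findings]

# Constructed sample in the shape of describe-flow-logs output (IDs are placeholders).
SAMPLE = {"FlowLogs": [
    {"FlowLogId": "fl-0example1", "ResourceId": "vpc-0example1", "FlowLogStatus": "ACTIVE",
     "TrafficType": "ALL", "LogDestinationType": "s3",
     "LogDestination": "arn:aws:s3:::example-flow-log-bucket", "LogFormat": AWS_DEFAULT_LOG_FORMAT},
    {"FlowLogId": "fl-0example2", "ResourceId": "vpc-0example2", "FlowLogStatus": "ACTIVE",
     "TrafficType": "REJECT", "LogDestinationType": "cloud-watch-logs",
     "LogGroupName": "example-vpc-logs", "LogFormat": AWS_DEFAULT_LOG_FORMAT},
]}

if __name__ == "__main__":
    for vpc in ("vpc-0example1", "vpc-0example2", "vpc-0example3"):
        print(vpc, check_vpc_flow_logs(SAMPLE, vpc) or "OK")
```

A flow log created with Filter set to Accept or Reject only, or with a custom record format, is reported so it can be recreated with the settings in steps 7 and 8.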

Enable VPC Flow Logs in MVISION Cloud

  1. Go to Settings > Service Management.
  2. Select your AWS instance.
  3. Select the Setup tab, and under API, click Edit.
  4. For Enabled Features, click Edit.
  5. Under Security Configuration Audit, activate the checkbox VPC Flow Logs.
    (Screenshot: VPC Flow Logs checkbox under Security Configuration Audit)
  6. Click Next, then finish the wizard steps to save your changes. 
  7. Once you have enabled VPC Flow Logs, run the Config Audit scan.
