Skyhigh Security

Enable Amazon VPC Flow Logs for Skyhigh CASB

Amazon Virtual Private Cloud (VPC) Flow Logs allow you to capture IP traffic information going to and from network interfaces in your VPC. Flow log data can be published to Amazon CloudWatch Logs or Amazon S3. In Skyhigh CASB you can view VPC Flow Log data in the Resources Connection View when you enable the feature for Configuration Audit. 

For more information, see VPC Flow Logs.

Prerequisites

Configure VPC Flow Logs in AWS

  1. Log in to the AWS console. 
  2. Go to the VPC service page and select the VPC where you want to enable Flow Logs.
  3. Select the Flow Logs tab.
  4. Click Create Flow Logs.
  5. The configuration page for Flow Logs opens.
  6. For Destination, select CloudWatch or S3 Bucket and add the required configuration information. For example, if an S3 bucket is your destination, add the S3 bucket ARN.
  7. For Filter, select All.
  8. For Log record format, select AWS default format.
  9. Click Create.
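
To confirm that a VPC ended up with the settings chosen in the steps above (Filter set to All, AWS default record format, CloudWatch or S3 destination), the following added example, which is not Skyhigh or AWS code, audits a response shaped like the JSON output of `aws ec2 describe-flow-logs`. The VPC ids, flow log ids, and bucket ARN in the sample are constructed placeholders.

```python
# Added example: audit a describe-flow-logs response against the console steps.
DEFAULT_FORMAT = (
    "${version} ${account-id} ${interface-id} ${srcaddr} ${dstaddr} "
    "${srcport} ${dstport} ${protocol} ${packets} ${bytes} "
    "${start} ${end} ${action} ${log-status}"
)

def check_flow_log(fl):
    """Return the list of deviations for one FlowLogs entry."""
    problems = []
    if fl.get("FlowLogStatus") != "ACTIVE":
        problems.append("status is not ACTIVE")
    if fl.get("TrafficType") != "ALL":
        problems.append("filter is %s, not ALL" % fl.get("TrafficType"))
    if fl.get("LogDestinationType") not in ("cloud-watch-logs", "s3"):
        problems.append("destination is neither CloudWatch Logs nor S3")
    if " ".join(fl.get("LogFormat", "").split()) != DEFAULT_FORMAT:
        problems.append("log record format is not the AWS default")
    if fl.get("DeliverLogsStatus") == "FAILED":
        problems.append("log delivery is failing")
    return problems

def audit_flow_logs(response, vpc_ids):
    """Map each VPC id to its deviations; an empty list means it conforms."""
    by_vpc = {}
    for fl in response.get("FlowLogs", []):
        by_vpc.setdefault(fl.get("ResourceId"), []).append(fl)
    report = {}
    for vpc in vpc_ids:
        logs = by_vpc.get(vpc)
        if not logs:
            report[vpc] = ["no flow log configured"]
        else:
            # One conforming flow log is enough; otherwise show the closest.
            report[vpc] = min((check_flow_log(fl) for fl in logs), key=len)
    return report

# Constructed sample data (not real resources), shaped like the JSON output.
GOOD = {"FlowLogId": "fl-0example1", "ResourceId": "vpc-0aaa", "FlowLogStatus": "ACTIVE",
        "TrafficType": "ALL", "LogDestinationType": "s3",
        "LogDestination": "arn:aws:s3:::example-flow-logs",
        "DeliverLogsStatus": "SUCCESS", "LogFormat": DEFAULT_FORMAT}
WEAK = dict(GOOD, FlowLogId="fl-0example2", ResourceId="vpc-0bbb",
            TrafficType="REJECT", LogFormat="${srcaddr} ${dstaddr} ${action}")
SAMPLE = {"FlowLogs": [GOOD, WEAK]}

if __name__ == "__main__":
    for vpc, problems in audit_flow_logs(SAMPLE, ["vpc-0aaa", "vpc-0bbb", "vpc-0ccc"]).items():
        print(vpc, "OK" if not problems else "; ".join(problems))
```

A VPC that has several flow logs passes as long as one of them matches all of the settings.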

Enable VPC Flow Logs in Skyhigh CASB

  1. Go to Settings > Service Management.
  2. Select your AWS instance. 
  3. Select the Setup tab, and under API, click Edit.
  4. For Enabled Features, click Edit.
  5. Under Security Configuration Audit, activate the checkbox VPC Flow Logs.
  6. Click Next, then finish the wizard steps to save your changes. 
  7. Once you have enabled VPC Flow Logs, run the Config Audit scan.