Updated on 2025-10-30 GMT+08:00

Flow Log Overview

What Is a Flow Log?

Log Tank Service (LTS) can record flow logs for enterprise routers. A flow log records the traffic of attachments on an enterprise router in real time. These logs allow you to monitor the network traffic of attachments and analyze network attacks, improving O&M efficiency.

Flow logs can capture traffic of the following types of attachments:
  • A VPC attachment indicates that a VPC is attached to an enterprise router. Flow logs can collect the traffic between the VPC and other attachments of the enterprise router.
  • A virtual gateway attachment indicates that a Direct Connect virtual gateway is attached to an enterprise router. Flow logs can collect the traffic between the on-premises data center and the cloud connected by Direct Connect.
  • A VPN gateway attachment indicates that a VPN gateway is attached to an enterprise router. Flow logs can collect the traffic between the on-premises data center and the cloud connected by VPN.
  • A peering connection attachment indicates that enterprise routers from different regions are connected through a Cloud Connect central network. Flow logs can collect the traffic between different enterprise routers.
  • A global DC gateway attachment indicates that a Direct Connect global DC gateway is attached to an enterprise router. Flow logs can collect the traffic between the on-premises data center and the cloud connected by Direct Connect.

If you need to set up a hybrid cloud network, it is recommended that you use Enterprise Router and Direct Connect Global DC Gateway.

From May 2024, enterprise routers and Direct Connect virtual gateways cannot be used together to set up a hybrid cloud network. Existing networks that are set up using enterprise routers and Direct Connect virtual gateways are not affected.

Creation Process

Before creating a flow log for an enterprise router, you need to create a log group and a log stream on the LTS console.

Figure 1 Process of creating a flow log

Constraints

  • By default, you can create a maximum of 20 flow logs.
  • For TCP and UDP fragments, flow logs can record only the first fragment. Other fragments cannot be recorded because their packet headers are incomplete.
  • Flow logs record only traffic generated by network communications and do not capture traffic generated by the network itself. For example, BGP traffic used by an enterprise router to learn routes of attachments is not recorded.
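
The fragment constraint above follows from how IPv4 fragmentation works: only the fragment at offset 0 carries the TCP or UDP header, so later fragments have no ports to key a flow on. The following is an added illustration, not LTS or Enterprise Router code; the addresses, ports and helper names are constructed for the example.

```python
import ipaddress
import struct

IP_HDR = struct.Struct("!BBHHHBBH4s4s")  # fixed 20-byte IPv4 header, no options

def fragment(proto, src, dst, l4_bytes, mtu=1500):
    """Split one transport segment into IPv4 fragments (constructed test data)."""
    chunk = (mtu - IP_HDR.size) // 8 * 8  # fragment data must be a multiple of 8 bytes
    src_b, dst_b = ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed
    packets = []
    for off in range(0, len(l4_bytes), chunk):
        data = l4_bytes[off:off + chunk]
        more = off + chunk < len(l4_bytes)           # MF flag on all but the last fragment
        flags_frag = (0x2000 if more else 0) | (off // 8)
        hdr = IP_HDR.pack(0x45, 0, IP_HDR.size + len(data), 0x1234,
                          flags_frag, 64, proto, 0, src_b, dst_b)  # checksum left as 0
        packets.append(hdr + data)
    return packets

def flow_key(packet):
    """Return (src, dst, proto, sport, dport), or None if the ports are not in this packet."""
    if len(packet) < IP_HDR.size:
        return None
    ver_ihl, _, _, _, flags_frag, _, proto, _, src, dst = IP_HDR.unpack_from(packet)
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or proto not in (6, 17):    # only TCP (6) and UDP (17)
        return None
    if flags_frag & 0x1FFF:                          # non-first fragment: no L4 header
        return None
    if len(packet) < ihl + 4:
        return None
    sport, dport = struct.unpack_from("!HH", packet, ihl)
    return (str(ipaddress.IPv4Address(src)), str(ipaddress.IPv4Address(dst)),
            proto, sport, dport)

def summarize(packets):
    """Count packets and bytes that can be keyed to a 5-tuple versus those that cannot."""
    stats = {"keyed_packets": 0, "keyed_bytes": 0, "unkeyed_packets": 0, "unkeyed_bytes": 0}
    for p in packets:
        kind = "keyed" if flow_key(p) else "unkeyed"
        stats[kind + "_packets"] += 1
        stats[kind + "_bytes"] += len(p)
    return stats

# Constructed sample: one UDP datagram (8-byte header + 2992 data bytes), 10.0.1.5:40000 -> 10.0.2.9:514
udp = struct.pack("!HHHH", 40000, 514, 3000, 0) + b"A" * 2992
SAMPLE = fragment(17, "10.0.1.5", "10.0.2.9", udp)

if __name__ == "__main__":
    for p in SAMPLE:
        print(len(p), flow_key(p))
    print(summarize(SAMPLE))
```

When sizing detections on flow log byte counts, treat volumes for heavily fragmented TCP or UDP traffic as a lower bound, since only the first fragment of each datagram is recorded.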