Help Center/ Virtual Private Cloud/ User Guide/ VPC Flow Log/ Creating a VPC Flow Log
Updated on 2025-07-25 GMT+08:00
View PDF
Share

Creating a VPC Flow Log

Scenarios

A VPC flow log records information about the traffic going to and from a VPC.

Configuration Example

You can use a VPC flow log to collect and analyze the traffic of a specified VPC. This section provides guidance on the entire process in typical scenarios to help you configure and analyze flow logs.

Prerequisites

Ensure that the following operations have been performed on the LTS console:

  • Create a log group.
  • Create a log stream.

For more information about the LTS service, see the Log Tank Service User Guide.

Procedure

  1. Go to the VPC flow log list page.
  2. In the upper right corner, click Create Flow Log. On the displayed page, configure parameters as prompted.
    Table 1 Parameter descriptions

    Parameter

    Description

    Example Value

    Name
    The VPC flow log name. The name:
    • Can contain 1 to 64 characters.
    • Can contain letters, digits, underscores (_), hyphens (-), and periods (.).

    flowlog-495d

    Resource Type
    Type of the resource whose traffic is to be logged. The options can be one of the following:
    • NIC
    • Subnet
    • VPC

    NIC

    Resource

    The specific resource whose traffic is to be logged.

    NOTE:

    We recommend that you select an ECS in the running state. If an ECS in the stopped state is selected, restart the ECS after creating the VPC flow log for accurately recording the information about the traffic of the ECS's network interface.

    N/A

    Filter
    • All traffic: Both accepted and rejected traffic of the specified resource will be logged.
    • Accepted traffic: Only accepted traffic of the specified resource will be logged. Accepted traffic refers to the traffic allowed by the security group and network ACL.
    • Rejected traffic: Only rejected traffic of the specified resource will be logged. Rejected traffic refers to the traffic denied by the security group and network ACL.

    All

    Log Group

    The log group created in LTS.

    lts-group-abc

    Log Stream

    The log stream created in LTS.

    lts-topic-abc

    Description

    Supplementary information about the VPC flow log. This parameter is optional.

    The VPC flow log description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

    N/A

    Only two flow logs, each with a different filter, can be created for a single resource under the same log group and log stream. Each VPC flow log must be unique.

  3. Click Create Now.

    Return to the VPC flow log list and check the new VPC flow log.

Parent Topic: VPC Flow Log