Difference between revisions of "AWS VPC and GigaFlow"
| Line 3: | Line 3: | ||
= Create Log Groups = | = Create Log Groups = | ||
| − | From the AWS management console, select | + | From the AWS management console, select '''CloudWatch'''; you will see: |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image001.png AWS CloudWatch Welcome Screen.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image001.png AWS CloudWatch Welcome Screen.] | ||
| − | On the left-hand side, | + | On the left-hand side, click '''Logs'''. |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image003.png CloudWatch Welcome Screen Menu.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image003.png CloudWatch Welcome Screen Menu.] | ||
| − | + | Click '''Create Log Group'''. | |
| − | When asked for a name, enter "VPCFlowLogs" and click '''Create Log Group''' | + | When asked for a name, enter "VPCFlowLogs" and click '''Create Log Group'''. |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image005.png Create Log Group.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image005.png Create Log Group.] | ||
| Line 19: | Line 19: | ||
= Enable VPC logging = | = Enable VPC logging = | ||
| − | From the AWS management console, select | + | From the AWS management console, select '''VPC'''; you will see: |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image008.png VPC Dashboard.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image008.png VPC Dashboard.] | ||
| − | From the VPC Dashboard, click on | + | From the VPC Dashboard, click on '''Your VPCs''' in the left-hand menu. |
| − | + | Click to select the VPC of interest: | |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image010.png Your VPCs.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image010.png Your VPCs.] | ||
| − | + | ||
| − | + | Now select the '''Flow Logs''' tab at the bottom of the screen: | |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image012.png VPC Flow Logs Tab.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image012.png VPC Flow Logs Tab.] | ||
| − | If there are no flow logs in the list, click | + | If there are no flow logs in the list, click '''Create flow log'''. |
| − | You will see something similar to | + | |
| + | You will see something similar to: | ||
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image013.png VPC Create flow log tab.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image013.png VPC Create flow log tab.] | ||
| − | + | Change the '''Filter''' option to '''All'''. | |
| − | + | ||
| − | + | ||
| − | If you don’t already have a role you want to use, click on | + | For destination, ensure that '''Send to CloudWatch logs''' is selected. |
| − | Select | + | |
| − | Enter the Role Name e.g. "FlowLogsToCloudWatch". | + | For '''Destination log Group''', click to select the '''VPCFlowLogs''' option: |
| − | Click | + | |
| − | Return to the | + | If you don’t already have a role that you want to use, click on '''Set Up Permissions'''. |
| + | Select '''Create a new IAM Role''' for IAM Role options. | ||
| + | Enter the Role Name, e.g. "FlowLogsToCloudWatch". | ||
| + | Click '''Allow''' at bottom of screen. | ||
| + | Return to the '''Create Flow Log''' page to continue. | ||
You should now see: | You should now see: | ||
| Line 52: | Line 55: | ||
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image015.png VPC Create flow log tab - completed.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image015.png VPC Create flow log tab - completed.] | ||
| − | Click | + | Click '''Create'''. |
| − | Return to the CloudWatch Dashboard and select the | + | |
| + | Return to the CloudWatch Dashboard and select the '''Logs''' menu option from the left-hand screen. You will see a page similar to: | ||
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image017.png VPC Log Groups.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image017.png VPC Log Groups.] | ||
| − | Click on the flow log name | + | Click on the flow log name, "VPCFlowLogs". This will open the log destination and show which streams have been created. |
| − | + | ||
| + | You will see similar to the following screenshot, with an entry for each interface. | ||
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image019.png Search Log Group] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image019.png Search Log Group] | ||
| − | + | Click on any one of the log streams; you will see something similar to: | |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image021.png Log Group Output.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image021.png Log Group Output.] | ||
| Line 68: | Line 73: | ||
= Create the Lambda = | = Create the Lambda = | ||
| − | From the AWS management console, select | + | From the AWS management console, select '''Lambda'''; you will see: |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image023.png AWS Lambda Dashboard.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image023.png AWS Lambda Dashboard.] | ||
| − | From the left hand menu, select the | + | From the left hand menu, select the '''Functions'''. |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image025.png AWS Lambda Functions.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image025.png AWS Lambda Functions.] | ||
| − | On this page, click on the | + | On this page, click on the '''Create Function''' button in the right hand frame; this takes you to: |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image027.png AWS Lambda - Create function.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image027.png AWS Lambda - Create function.] | ||
| − | On this page, ensure that the | + | On this page, ensure that the '''Author from scratch''' card is selected. |
| − | Type in the name of the Lambda function i.e. | + | |
| − | Runtime should be | + | Type in the name of the Lambda function, i.e. VPCToNetflow". |
| − | Role | + | |
| + | Runtime should be '''Node.js 8.10'''. | ||
| + | |||
| + | The Role is '''Create a custom role'''. This will take you to a setup role page, similar to the VPC log access set-up page. Select '''Create a new IAM role'''. Enter the Role Name, i.e. “LambdaVPCLogAccess”. Click '''Allow'''. This will return you to the Lambda page with the new role selected. | ||
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image029.png AWS Lambda - Create function - Author from scratch.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image029.png AWS Lambda - Create function - Author from scratch.] | ||
| − | Click the | + | Click the '''Create Function''' button. |
| − | You will | + | |
| + | You will see: | ||
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image031.png New Lambda function configuration.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image031.png New Lambda function configuration.] | ||
| − | From the left-hand list under | + | From the left-hand list under '''Add triggers''', select '''CloudWatch Logs'''; this will look like: |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image033.png New Lambda function configuration - add trigger.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image033.png New Lambda function configuration - add trigger.] | ||
| − | + | Scroll down to configure Triggers for cloud watch. | |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image035.png New Lambda function configuration - configure trigger.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image035.png New Lambda function configuration - configure trigger.] | ||
| − | On his page, select the Log Group you created previously | + | On his page, select the Log Group you created previously, i.e. "VPCFlowLogs". |
| − | Enter a filter name | + | |
| + | Enter a filter name, e.g. "VPCToNetflowFilter". | ||
| + | |||
Leave the filter pattern blank. | Leave the filter pattern blank. | ||
| − | Ensure | + | |
| + | Ensure that '''Enable trigger''' is selected and click '''Add'''. | ||
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image037.png New Lambda function configuration - Add trigger.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image037.png New Lambda function configuration - Add trigger.] | ||
| Line 109: | Line 121: | ||
= Creating the Netflow Generator Function = | = Creating the Netflow Generator Function = | ||
| − | At the top of the Lambda function page, click on the Lambda name | + | At the top of the Lambda function page, click on the Lambda name, i.e. "VPCToNetflow". |
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image039.png VPCToNetFlow function.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image039.png VPCToNetFlow function.] | ||
| − | This will take you to | + | This will take you to '''Function Code'''. Here you can edit the associated Lambda function. |
| − | Delete the code | + | |
| + | Delete the existing code at '''index.js'''. | ||
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image041.png VPCToNetFlow function code.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image041.png VPCToNetFlow function code.] | ||
| − | Paste in the NetFlow generator code. | + | Paste in the Anuvew NetFlow generator code. See the Code section, below. |
| − | + | ||
| + | Customize the code for your VPC by changing the port and host IP address, i.e. where you want to send the flows. | ||
[http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image043.png VPCToNetFlow function code - port and host name.] | [http://wiki.anuviewsoftware.com/manual/assets/wiki/VPC/image043.png VPCToNetFlow function code - port and host name.] | ||
| − | + | Click '''Save''' at the very top of the screen. | |
| − | You can use the | + | |
| + | You can use the '''monitoring''' tab at the top of the page to monitor the execution of the Lambda. | ||
= Code = | = Code = | ||
| − | Please contact [https://www.anuview.net/ Anuview] to request access to the AWS Lambda | + | Please contact [https://www.anuview.net/get-in-touch/ Anuview] to request access to the Anuvew NetFlow generator code for AWS Lambda. |
Revision as of 11:40, 23 November 2018
Contents |
Create Log Groups
From the AWS management console, select CloudWatch; you will see:
AWS CloudWatch Welcome Screen.
On the left-hand side, click Logs.
CloudWatch Welcome Screen Menu.
Click Create Log Group.
When asked for a name, enter "VPCFlowLogs" and click Create Log Group.
Enable VPC logging
From the AWS management console, select VPC; you will see:
From the VPC Dashboard, click on Your VPCs in the left-hand menu.
Click to select the VPC of interest:
Now select the Flow Logs tab at the bottom of the screen:
If there are no flow logs in the list, click Create flow log.
You will see something similar to:
Change the Filter option to All.
For destination, ensure that Send to CloudWatch logs is selected.
For Destination log Group, click to select the VPCFlowLogs option:
If you don’t already have a role that you want to use, click on Set Up Permissions. Select Create a new IAM Role for IAM Role options. Enter the Role Name, e.g. "FlowLogsToCloudWatch". Click Allow at bottom of screen. Return to the Create Flow Log page to continue.
You should now see:
VPC Create flow log tab - completed.
Click Create.
Return to the CloudWatch Dashboard and select the Logs menu option from the left-hand screen. You will see a page similar to:
Click on the flow log name, "VPCFlowLogs". This will open the log destination and show which streams have been created.
You will see similar to the following screenshot, with an entry for each interface.
Click on any one of the log streams; you will see something similar to:
Create the Lambda
From the AWS management console, select Lambda; you will see:
From the left hand menu, select the Functions.
On this page, click on the Create Function button in the right hand frame; this takes you to:
On this page, ensure that the Author from scratch card is selected.
Type in the name of the Lambda function, i.e. VPCToNetflow".
Runtime should be Node.js 8.10.
The Role is Create a custom role. This will take you to a setup role page, similar to the VPC log access set-up page. Select Create a new IAM role. Enter the Role Name, i.e. “LambdaVPCLogAccess”. Click Allow. This will return you to the Lambda page with the new role selected.
AWS Lambda - Create function - Author from scratch.
Click the Create Function button.
You will see:
New Lambda function configuration.
From the left-hand list under Add triggers, select CloudWatch Logs; this will look like:
New Lambda function configuration - add trigger.
Scroll down to configure Triggers for cloud watch.
New Lambda function configuration - configure trigger.
On his page, select the Log Group you created previously, i.e. "VPCFlowLogs".
Enter a filter name, e.g. "VPCToNetflowFilter".
Leave the filter pattern blank.
Ensure that Enable trigger is selected and click Add.
New Lambda function configuration - Add trigger.
Creating the Netflow Generator Function
At the top of the Lambda function page, click on the Lambda name, i.e. "VPCToNetflow".
This will take you to Function Code. Here you can edit the associated Lambda function.
Delete the existing code at index.js.
Paste in the Anuvew NetFlow generator code. See the Code section, below.
Customize the code for your VPC by changing the port and host IP address, i.e. where you want to send the flows.
VPCToNetFlow function code - port and host name.
Click Save at the very top of the screen.
You can use the monitoring tab at the top of the page to monitor the execution of the Lambda.
Code
Please contact Anuview to request access to the Anuvew NetFlow generator code for AWS Lambda.
