Control: 2.5 Ensure virtual network flow log service is enabled
The flow log can be used to capture the traffic of an Elastic Network Interface (ENI), Virtual Private Cloud (VPC) or Virtual Switch (VSwitch). The flow log of a VPC or VSwitch shall be integrated with Log Service to capture the traffic of all ENIs in the VPC or VSwitch, including the ENIs created after the flow log function is enabled. The traffic data captured by flow logs is stored in Log Service for real-time monitoring and analysis. A capture window is about 10 minutes, during which the traffic data is aggregated and then published as a flow log record.
Perform the following to ensure the virtual network flow log is enabled:
- Log on to the VPC console.
- In the left-side navigation pane, click
- Select the region in which the flow log is to be created.
- On the
- On the Create FlowLog page, set the required parameters by following the instructions, and then click
Run the control in your terminal:
steampipe check alicloud_compliance.control.cis_v100_2_5
Snapshot and share results via Steampipe Cloud:
steampipe login
steampipe check --share alicloud_compliance.control.cis_v100_2_5
This control uses a named query: manual_control
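Because the control is evaluated by the manual_control query, coverage has to be confirmed outside the benchmark run. The following is an added example, not part of the Steampipe mod: it assumes the inputs are parsed JSON in the shape of the VPC `DescribeVpcs` and `DescribeFlowLogs` API responses, treats a VPC as covered when it has an Active VPC-level flow log or an Active flow log on every VSwitch (an assumed policy), and uses constructed sample data.

```python
# Added example: the sample data below is constructed, not real account output.
# Assumed input shape: parsed JSON of the VPC DescribeVpcs and DescribeFlowLogs
# API responses (for instance saved from the aliyun CLI).
SAMPLE_VPCS = {"Vpcs": {"Vpc": [
    {"VpcId": "vpc-aaa", "VSwitchIds": {"VSwitchId": ["vsw-a1", "vsw-a2"]}},
    {"VpcId": "vpc-bbb", "VSwitchIds": {"VSwitchId": ["vsw-b1", "vsw-b2"]}},
    {"VpcId": "vpc-ccc", "VSwitchIds": {"VSwitchId": ["vsw-c1"]}},
    {"VpcId": "vpc-ddd", "VSwitchIds": {"VSwitchId": []}},
]}}
SAMPLE_FLOW_LOGS = {"FlowLogs": {"FlowLog": [
    {"ResourceType": "VPC", "ResourceId": "vpc-aaa", "Status": "Active"},
    {"ResourceType": "VSwitch", "ResourceId": "vsw-b1", "Status": "Active"},
    {"ResourceType": "VPC", "ResourceId": "vpc-ccc", "Status": "Inactive"},
    {"ResourceType": "NetworkInterface", "ResourceId": "eni-d1", "Status": "Active"},
]}}


def audit_flow_logs(vpcs, flow_logs):
    """Return {VpcId: (status, detail)} where status is 'ok' or 'alarm'."""
    # Only Active flow logs capture traffic; index them by covered resource.
    active = {
        (fl["ResourceType"], fl["ResourceId"])
        for fl in flow_logs.get("FlowLogs", {}).get("FlowLog", [])
        if fl.get("Status") == "Active"
    }
    results = {}
    for vpc in vpcs.get("Vpcs", {}).get("Vpc", []):
        vpc_id = vpc["VpcId"]
        vswitches = vpc.get("VSwitchIds", {}).get("VSwitchId", [])
        if ("VPC", vpc_id) in active:
            # A VPC-level flow log also covers ENIs created later.
            results[vpc_id] = ("ok", "active VPC-level flow log")
            continue
        # ENI-only flow logs are ignored: they do not cover future ENIs.
        uncovered = [v for v in vswitches if ("VSwitch", v) not in active]
        if vswitches and not uncovered:
            results[vpc_id] = ("ok", "every VSwitch has an active flow log")
        elif vswitches:
            results[vpc_id] = ("alarm", "no active flow log for: " + ", ".join(uncovered))
        else:
            results[vpc_id] = ("alarm", "no active VPC-level flow log")
    return results


if __name__ == "__main__":
    report = audit_flow_logs(SAMPLE_VPCS, SAMPLE_FLOW_LOGS)
    for vpc_id, (status, detail) in report.items():
        print(f"{status:5} {vpc_id}: {detail}")
```

Run it once per region, since flow logs are created per region.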