Steampipe unbundled →
Steampipe Hub 
Hub
Plugins
turbot/ibm
Overview
24Tables
Versions
PowerpipeMods
GitHub
steampipe plugin install ibm

Table: ibm_is_flow_log - Query IBM Cloud VPC Flow Logs using SQL

IBM Cloud VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. This service helps in monitoring and troubleshooting connectivity issues, and it also provides valuable information for security and compliance purposes. Flow Logs data can be used to simplify the diagnostic tasks such as tracking down why certain traffic is reaching an instance.

Table Usage Guide

The ibm_is_flow_log table provides insights into VPC Flow Logs within IBM Cloud. As a network administrator or security analyst, explore log-specific details through this table, including source and destination IP addresses, ports, protocols, and packet and byte counts. Utilize it to uncover information about network traffic, such as identifying patterns, potential security risks, and analyzing the overall network behavior.

Examples

Basic info

Gain insights into the basic information of your IBM flow logs, including their names, IDs, lifecycle states, and creation dates. This can be useful for assessing the status and history of your flow logs.

select
  name,
  id,
  crn,
  lifecycle_state,
  created_at
from
  ibm_is_flow_log;
select
  name,
  id,
  crn,
  lifecycle_state,
  created_at
from
  ibm_is_flow_log;

List flow log collectors by name

Explore the specific flow log collectors by name to assess their lifecycle state and creation time, which can help in managing and monitoring your IBM cloud resources. This can be particularly useful when you need to track the changes or status of a specific log collector named 'steampipe01'.

select
  name,
  id,
  crn,
  lifecycle_state,
  created_at
from
  ibm_is_flow_log
where
  name = 'steampipe01';
select
  name,
  id,
  crn,
  lifecycle_state,
  created_at
from
  ibm_is_flow_log
where
  name = 'steampipe01';

List all inactive flow log collectors

Discover the segments that contain inactive flow log collectors. This can be beneficial in optimizing resources by identifying unused or unnecessary elements within your system.

select
  name,
  id,
  crn,
  lifecycle_state,
  created_at
from
  ibm_is_flow_log
where
  not active;
select
  name,
  id,
  crn,
  lifecycle_state,
  created_at
from
  ibm_is_flow_log
where
  active = 0;

List all flow log collectors with auto delete disabled

Discover the segments that have auto-delete disabled in flow log collectors, which is essential for maintaining data security and ensuring no essential log data is lost unintentionally.

select
  name,
  id,
  crn,
  lifecycle_state,
  created_at
from
  ibm_is_flow_log
where
  not auto_delete;
select
  name,
  id,
  crn,
  lifecycle_state,
  created_at
from
  ibm_is_flow_log
where
  auto_delete = 0;

List flow logs with their corresponding VPC details

Explore which flow logs are associated with specific VPCs to better manage network traffic and security in your IBM cloud infrastructure. This can help identify potential issues or bottlenecks in your network configuration.

select
  id,
  name,
  vpc ->> 'id' as vpc_id,
  vpc ->> 'name' as vpc_name
from
  ibm_is_flow_log;
select
  id,
  name,
  json_extract(vpc, '$.id') as vpc_id,
  json_extract(vpc, '$.name') as vpc_name
from
  ibm_is_flow_log;

Schema for ibm_is_flow_log

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
account_idtextThe account ID of this flow log collector.
activebooleanIndicates whether this collector is active.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
auto_deletebooleanIf set to `true`, this flow log collector will be automatically deleted when the target is deleted.
created_attimestamp with time zoneThe date and time that the flow log collector was created.
crntextThe CRN for this flow log collector.
hreftextThe URL for this flow log collector.
idtext=The unique identifier for this flow log collector.
lifecycle_statetextThe lifecycle state of the flow log collector.
nametext=The unique user-defined name for this flow log collector.
regiontextThe region of this flow log collector.
resource_groupjsonbThe resource group for this flow log collector.
storage_bucketjsonbThe Cloud Object Storage bucket where the collected flows are logged.
tagsjsonbA map of tags for the resource.
targetjsonbThe target this collector is collecting flow logs for.
titletextTitle of the resource.
vpcjsonbThe VPC this flow log collector is associated with.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- ibm

You can pass the configuration to the command with the --config argument:

steampipe_export_ibm --config '<your_config>' ibm_is_flow_log