Posted On: May 27, 2021
Amazon Virtual Private Cloud (Amazon VPC) flow logs now makes it easier to query VPC flow logs using Amazon Athena. With a few clicks, you can now automate the integration between Athena and your VPC flow logs delivered to Amazon Simple Storage Service (S3). You can also choose from a set of predefined Athena queries to derive actionable insight such as the total egress traffic from your VPCs, identify the top talkers in your subnets, or troubleshoot anomalies in your VPC traffic.
To get started, choose an existing VPC flow log subscription and select ‘Generate Athena integration’. This generates a pre-configured Amazon CloudFormation template that can automatically create a partitioned Athena table for your chosen flow log subscription. Next, create a stack from the generated CloudFormation template, and head over to the Amazon Athena console query editor to immediately start analyzing your flow logs delivered to Amazon S3. Furthermore, this integration allows you to automatically populate new data into your Athena table so that you are always querying the latest flow logs.
The functionality is available through the Amazon Management Console, the Amazon Command Line Interface (Amazon CLI), and the Amazon Software Development Kit (Amazon SDK).There is no cost to setup the integration between VPC flow logs and Athena. Running Athena queries within the Athena query editor or using the Amazon CLI will incur standard Athena charges. To learn more about the VPC flow logs integration with Athena, please refer to the documentation.