AWS VPC Flow Logs OpenTelemetry Assets
Serverless Observability, Serverless Security, Stack

| Version | 0.1.1 |
|---|---|
| Subscription level | Basic |
| Developed by | Elastic |
To use beta integrations, go to the Integrations page in Kibana, scroll down, and toggle on the Display beta integrations option.
This package contains Kibana assets for monitoring Amazon Virtual Private Cloud (Amazon VPC) flow logs.
ECF is the simplest way to configure AWS VPC flow log collection. Refer to the ECF for AWS documentation for full setup instructions.
Any other OTel-supported collection method also works, provided the required extension is included.
This package has been tested with OpenTelemetry Collector version 0.138.0. The OpenTelemetry components used are awss3receiver, awslogsencodingextension, and elasticsearchexporter.
```yaml
extensions:
  # Decodes VPC flow log records delivered as plain text
  awslogs_encoding/vpcflow:
    format: vpcflow
    vpcflow:
      file_format: plain-text

receivers:
  awss3:
    # SQS queue that receives the S3 object notifications
    sqs:
      queue_url: "<sqs-url>"
      region: "<region>"
    # Bucket and key prefix the flow logs are read from
    s3downloader:
      region: "<region>"
      s3_bucket: '<bucket_name>'
      s3_prefix: 'AWSLogs/<account-id>'
    encodings:
      - extension: awslogs_encoding/vpcflow

exporters:
  elasticsearch/otel:
    endpoints: https://<host>:<port>
    api_key: <api_key>

service:
  # An extension must be listed here to be started
  extensions: [awslogs_encoding/vpcflow]
  pipelines:
    logs:
      exporters: [elasticsearch/otel]
      receivers: [awss3]
```
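
To spot-check what the pipeline above should be delivering, this added example (not part of the package or of the OpenTelemetry extension) parses records in the plain-text format selected by `file_format: plain-text` and counts rejected flows per source address. It assumes the AWS default version 2 field order; the function names and the sample lines are constructed for illustration.

```python
from collections import Counter

# Assumption: default (version 2) field order of a plain-text VPC flow log record.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()
INT_FIELDS = {"version", "srcport", "dstport", "protocol",
              "packets", "bytes", "start", "end"}


def parse_record(line):
    """Return one record as a dict; a '-' placeholder (no data) becomes None."""
    values = line.split()
    if len(values) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(values)}")
    record = {}
    for name, value in zip(FIELDS, values):
        if value == "-":
            record[name] = None
        else:
            record[name] = int(value) if name in INT_FIELDS else value
    return record


def rejected_by_source(lines):
    """Count REJECT records per source address.

    Skips blank lines, a header row if present, and NODATA/SKIPDATA records.
    """
    counts = Counter()
    for line in lines:
        line = line.strip()
        if not line or line.startswith("version "):
            continue
        rec = parse_record(line)
        if rec["log_status"] == "OK" and rec["action"] == "REJECT":
            counts[rec["srcaddr"]] += 1
    return counts


# Constructed sample: documentation address ranges, made-up account and ENI ids.
SAMPLE = """\
version account-id interface-id srcaddr dstaddr srcport dstport protocol packets bytes start end action log-status
2 123456789012 eni-0a1b2c3d4e5f67890 198.51.100.7 10.0.1.5 44321 22 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f67890 10.0.1.5 203.0.113.9 443 51544 6 12 4200 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d4e5f67890 198.51.100.7 10.0.1.5 44322 3389 6 1 60 1700000060 1700000120 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f67890 - - - - - - - 1700000120 1700000180 - NODATA
"""

if __name__ == "__main__":
    for src, n in rejected_by_source(SAMPLE.splitlines()).most_common():
        print(src, n)
```
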
This integration includes one or more Kibana dashboards that visualize the data collected by the integration. The screenshots below illustrate how the ingested data is displayed.
Changelog
| Version | Details | Kibana version(s) |
|---|---|---|
| 0.1.1 | Enhancement: Add "Alternative setup using awss3receiver" section to README | — |
| 0.1.0 | Enhancement: Initial draft of the AWS VPC Flow Logs OpenTelemetry Assets Package | — |