
Amazon VPC Flow App for Sumo Logic

Monitor and analyze AWS traffic in real-time


Get a line-by-line account of the traffic flowing to and from specific addresses. Chart traffic origins to gauge the impact of regional traffic flow.


Fix malfunctions

See visual choke points such as equipment failures and keep an eye on other dangerous trends — all in real time.


Control access

Find Access Control List (ACL) inconsistencies and protect your AWS services with proactive defense measures like ACL adjustments.


VPC Flow logs are a satellite’s eye view of your activity patterns

Your website is the focal point of a mass of web traffic interactions, especially in a Virtual Private Cloud (VPC) setting. As your site’s footprint expands, the incoming and outbound activity buzzing around it grows exponentially. To help get a monitoring handle on all this movement, Amazon Web Services provides its customers with VPC Flow logging, which captures important data about all of your traffic, including the malicious kind.

VPC Flow logs capture where data flow originated and where it was sent, what time and how much of it moved, the method used to move it (protocol, most commonly IP), and whether or not the data flowed as expected. Sumo Logic’s app makes interacting with this complex information easy.

Ingest All Your VPC Flow Data

Amazon VPC Flow Logs can be used to capture detailed information on actual network traffic flows such as:

  • Source and destination IP address
  • Source and destination ports
  • Protocols used
  • Bytes and packets transferred

Unfortunately, it is still necessary to parse and extract these values from the raw logs themselves. By ingesting the Amazon VPC Flow Logs into Sumo Logic, you get:

  • Pre-built parsers for extracting the valuable structured data from the raw Amazon VPC Flow Logs
  • Pre-configured queries for performing various higher-level analyses of the resulting data
  • Geographic maps of network traffic and automatic anomaly detection on traffic flows

Real-time security: Sound the VPC flow alarm

When it comes to security, you shouldn’t cut corners. Sometimes even a great defense isn’t enough and unforeseen crises arise. But the Sumo Logic VPC Flow app enables continuous intelligence that can raise the alarm or send out a call for help when certain thresholds are crossed or imminent, including:

  • Repeated attempts at accessing restricted services
  • A sudden propagation of strange new IP addresses
  • Suspicious spikes in data package traffic
  • Other symptoms of malicious infiltration attempts

The alarm feature takes AWS logging to a new, proactive level of security. Instead of reacting to captured segments of network activity minutes after they’ve occurred, the Sumo Logic VPC Flow app catches events as they happen and presents them in simple, interactive visualizations that make threat protection and avoidance easier than any other log analyzer.
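
As an added illustration (not Sumo Logic's parser or query code), the Python sketch below parses records in the default AWS VPC Flow Logs format and counts rejected flows per source address to restricted ports, the first alert condition listed above. The sample records, account and interface IDs, port set and threshold are constructed for the example.

```python
from collections import Counter, namedtuple

# Default (version 2) VPC Flow Logs record layout: 14 space-separated fields.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()
INT_FIELDS = ("srcport", "dstport", "protocol", "packets", "bytes", "start", "end")
Flow = namedtuple("Flow", FIELDS)


def parse_record(line):
    """Return a Flow, or None for header lines, malformed lines and
    NODATA/SKIPDATA records (their address and port fields are '-')."""
    parts = line.split()
    if len(parts) != len(FIELDS) or parts[-1] != "OK":
        return None
    rec = dict(zip(FIELDS, parts))
    try:
        for name in INT_FIELDS:
            rec[name] = int(rec[name])
    except ValueError:
        return None
    return Flow(**rec)


def repeated_rejects(lines, restricted_ports, threshold):
    """Map source IP -> number of REJECTed flows to restricted ports,
    keeping only sources at or above the threshold."""
    hits = Counter()
    for line in lines:
        flow = parse_record(line)
        if flow and flow.action == "REJECT" and flow.dstport in restricted_ports:
            hits[flow.srcaddr] += 1
    return {src: n for src, n in hits.items() if n >= threshold}


# Constructed sample records (documentation IP ranges, placeholder IDs).
SAMPLE = """\
version account-id interface-id srcaddr dstaddr srcport dstport protocol packets bytes start end action log-status
2 123456789012 eni-0example 203.0.113.7 10.0.1.5 40001 22 6 1 40 1700000000 1700000060 REJECT OK
2 123456789012 eni-0example 203.0.113.7 10.0.1.5 40002 22 6 1 40 1700000060 1700000120 REJECT OK
2 123456789012 eni-0example 198.51.100.9 10.0.1.5 51000 443 6 12 5200 1700000060 1700000120 ACCEPT OK
2 123456789012 eni-0example 198.51.100.9 10.0.1.5 51001 22 6 1 40 1700000060 1700000120 REJECT OK
2 123456789012 eni-0example - - - - - - - 1700000120 1700000180 - NODATA
2 123456789012 eni-0example 203.0.113.7 10.0.1.5 40003 22 6 1 40 1700000120 1700000180 REJECT OK
2 123456789012 eni-0example 203.0.113.7 10.0.1.5 40004 3389 6 1 40 1700000120 1700000180 REJECT OK
"""

if __name__ == "__main__":
    print(repeated_rejects(SAMPLE.splitlines(), {22, 3389}, threshold=3))
```
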

See AWS problems, monitor trends, all in real-time

Our interactive dashboard puts global real-time control of AWS traffic in your hands. With the click of a mouse, zoom from orbiting view to the source of a success or challenge and share it instantly with appropriate team members. The Sumo Logic app lets you maximize the power of AWS VPC Flow logging, turning torrents of raw data about the traffic to, from and within your VPC into clear information you can use in real-time.

But not all, or sometimes even most, traffic in your AWS environment is friendly. Companies like Symantec react daily to an endlessly renewed stream of potential threats ranging from denial of service (DoS) attacks to malware to ransomware, which can assault your data and literally take parts of it hostage.

The Sumo Logic app dashboard instantly addresses top threats, visually sorting malicious traffic by region and tracing it to destination IP addresses. By viewing danger trends as they happen and over developing arcs, you can protect your AWS services with proactive defense measures like ACL adjustments, security device upgrades, or additional staff. Sumo Logic makes your AWS VPC Flow problems visible, and thus solvable.


The Ideal Docker Analytics Solution

“As an engineer working with complex and containerized applications, monitoring and troubleshooting the health of both the application and container infrastructure is imperative,” says Caleb Sotelo, entrepreneur and director at OpenX Labs.

“The Sumo Logic platform is easy to set up, offers a powerful query language, and provides native Docker support, making it the ideal log aggregation and analytics solution for me to understand critical application behaviors.”

Next Generation Log Management & Analytics

Take a tour of Sumo Logic’s log management tools and check out the new standard in machine data analytics.