Sumo Logic’s app for VPC Flow logs breathes in streams of raw AWS Config data and exhales it in vivid, easy to understand visualizations that reveal the strengths, weaknesses and potential in your VPC traffic patterns.
Why the Sumo Logic App for VPC Flow?
Get a line-by-line account of the traffic flowing to and from specific addresses. Chart traffic origins to gauge the impact of regional traffic flow.
See visual choke points such as equipment failures and keep an eye on other dangerous trends — all in real time.
Find Access Control List (ACL) inconsistencies and protect your AWS services with proactive defense measures like ACL adjustments.
VPC Flow logs are a satellite’s eye view of your activity patterns
Your website is the focal point of a mass of web traffic interactions, especially in a Virtual Private Cloud (VPC) setting. As your site’s footprint expands the incoming and outbound activity buzzing around it grows exponentially. To help get a monitoring handle on all this movement Amazon Web Services provides its customers with VPC Flow logging, which captures important data about all of your traffic, including the malicious kind.
VPC Flow logs capture where data flow originated and where it was sent, what time and how much of it moved, the method used to move it (protocol, most commonly IP), and whether or not the data flowed as expected. Sumo Logic’s app makes makes interacting with this complex information easy.
Ingest All Your VPC Flow Data
Amazon VPC Flow Logs can be used to capture detailed information on actual network traffic flows such as:
- Source and destination IP address
- Source and destination ports
- Protocols used
- Bytes and packets transferred
Unfortunately, it is still necessary to parse and extract these values from the raw logs themselves. By ingesting the Amazon VPC Flow Logs into Sumo Logic, you can:
- Pre-built parsers for extracting the valuable structured data from the raw Amazon VPC Flow Logs
- Pre-configured queries for performing various higher-level analyses of the resulting data
- Geographic maps of network traffic and automatic anomaly detection on traffic flows
Real-time security: Sound the VPC flow alarm
When it comes to security, you shouldn’t cut corners. Sometimes even a great defense isn’t enough and unforeseen crises arise. But with the Sumo Logic VPC Flow app enables continuous intelligence that can raise the alarm or send out a call for help when certain thresholds are crossed or imminent, including:
- Repeated attempts at accessing restricted services
- A sudden propagation of strange new IP addresses
- Suspicious spikes in data package traffic
- Other symptoms of malicious infiltration attempts
The alarm feature takes AWS logging to a new, proactive level of security. Instead of reacting to captured segments of network activity minutes after they’ve occurred, the Sumo Logic VPC Flow catches events as they happen and presents them in simple, interactive visualizations that make threat protection and avoidance easier than any other log analyzer.
See AWS problems, monitor trends, all in real-time
Our interactive dashboard puts global real-time control of AWS traffic in your hands. With the click of a mouse, zoom from orbiting view to the source of a success or challenge and share it instantly with appropriate team members. The Sumo Logic app lets you maximize the power of AWS VPC Flow logging, turning torrents of raw data about the traffic to, from and within your VPC into clear information you can use in real-time.
But not all, or sometimes even most, traffic in your AWS environment is friendly. Companies like Symantec react daily to an endlessly renewed stream of potential threats ranging from denial of service (DNS) attacks to malware to ransomware, which can assault your data and literally take parts of it hostage.
The Sumo Logic app dashboard instantly addresses top threats, visually sorting malicious traffic by region and tracing it destination IP addresses. By viewing danger trends as they happen and over developing arcs, you can protect your AWS services with proactive defense measures like ACL adjustments, security device upgrades, or additional staff. Sumo Logic makes your AWS VPC Flow problems visible, and thus solvable.
Master Your Data
As the industry’s leading, secure cloud-based data analytics service, Sumo Logic can show you how to master your data. Our products and services take raw data and transform them into powerful insights you can literally see. Our unsurpassed visualization technology helps you make sense of traffic in your AWS environment and make smart, proactive decisions.
Other Sumo Apps
Sumo Logic Apps help you quickly gain visibility into your applications and infrastructure by providing preconfigured searches and dashboards for your most popular data sources.See the full list