AWS Traffic Log Configuration

FortiCWP consolidates Amazon cloud traffic logs from all virtual private cloud resources and presents them in a graphical user interface. With traffic logging enabled, FortiCWP lets you monitor all inbound and outbound traffic visually and remediate suspicious activities on AWS Cloud. To activate the Traffic feature on FortiCWP, AWS flow logs need to be enabled.

Prerequisite

An active Amazon AWS account installed on FortiCWP is required to enable Traffic logging.

To install an Amazon AWS account on FortiCWP, refer to Getting Started > Amazon Web Services.

Create log group on AWS
  1. Log in to the AWS portal: https://console.aws.amazon.com/
  2. Click on Services and search for "cloudwatch".
  3. Click on Logs from the left menu.
  4. Click on Get Started, then click on Create log group in the welcome page.
  5. Enter a log group name and note it for later use.
  6. Click OK to finish creating the log group.

Enable flow log in VPC
  1. Click on Services and search for "VPC".
  2. In the VPC Dashboard, click Your VPCs.
  3. Select all the VPCs for which you want to create a flow log, right-click, and select Create flow log.
  4. In the Filter field, click the drop-down menu and select All.
  5. Make sure Destination has Send to CloudWatch Logs selected.
  6. In Destination log group, enter the log group name created earlier.
  7. Click on Set Up Permissions under IAM role to grant permission.
  8. In the new pop-up screen, next to IAM Role, make sure flowlogsRole is selected. For Policy Name, make sure Create a new Role Policy is selected.
  9. Click Allow.
  10. Go back to the Create flow log page and, next to IAM role, select flowlogsRole. Then go to step 12.
  11. If flowlogsRole is not in the selection, you are setting up a VPC flow log for the first time. Click Set Up Permissions to set up a new Role.
  12. When the Flow Logs Role creation page pops up, click Allow to grant permission to create a Role with the name flowlogsRole.
  13. Go back to the Create flow log page, select flowlogsRole under IAM role, then click Create to complete the setup.

FortiCWP is now able to extract cloud traffic data from AWS and present it in Traffic on FortiCWP.
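A check for the result of the procedure above, as an added example that is not part of the Fortinet documentation: it audits the JSON returned by `aws ec2 describe-flow-logs` against the settings chosen in the steps (Filter All, CloudWatch Logs destination, the log group name, flowlogsRole) and flags VPCs with no flow log or with failed log delivery. The sample response, VPC IDs, account number and the log group name `forticwp-flow-logs` are constructed placeholders.

```python
# Added example: audit describe-flow-logs output against the procedure's settings.
# Field names are the ones returned by `aws ec2 describe-flow-logs --output json`.

# Constructed sample data (placeholder IDs, account number and log group name).
GOOD = {"TrafficType": "ALL", "LogDestinationType": "cloud-watch-logs",
        "LogGroupName": "forticwp-flow-logs", "FlowLogStatus": "ACTIVE",
        "DeliverLogsStatus": "SUCCESS",
        "DeliverLogsPermissionArn": "arn:aws:iam::111122223333:role/flowlogsRole"}
SAMPLE = {"FlowLogs": [
    dict(GOOD, FlowLogId="fl-0a", ResourceId="vpc-0001"),
    dict(GOOD, FlowLogId="fl-0b", ResourceId="vpc-0002", TrafficType="REJECT"),
    dict(GOOD, FlowLogId="fl-0c", ResourceId="vpc-0003", DeliverLogsStatus="FAILED"),
]}

def check_flow_log(fl, log_group, role_name="flowlogsRole"):
    """Return the ways one flow log deviates from the settings in the steps."""
    problems = []
    if fl.get("TrafficType") != "ALL":
        problems.append("filter is %s, not ALL" % fl.get("TrafficType"))
    if fl.get("LogDestinationType") != "cloud-watch-logs":
        problems.append("destination is not CloudWatch Logs")
    elif fl.get("LogGroupName") != log_group:
        problems.append("log group is %s" % fl.get("LogGroupName"))
    # Role ARNs may contain a path, so compare only the final name component.
    if (fl.get("DeliverLogsPermissionArn") or "").rsplit("/", 1)[-1] != role_name:
        problems.append("IAM role is not %s" % role_name)
    if fl.get("FlowLogStatus") != "ACTIVE":
        problems.append("flow log status is %s" % fl.get("FlowLogStatus"))
    if fl.get("DeliverLogsStatus") == "FAILED":
        problems.append("log delivery status is FAILED")
    return problems

def audit(vpc_ids, response, log_group):
    """Map each VPC id to [] when a compliant flow log exists, else the reasons."""
    report = {}
    for vpc in vpc_ids:
        logs = [f for f in response["FlowLogs"] if f.get("ResourceId") == vpc]
        if not logs:
            report[vpc] = ["no flow log configured"]
            continue
        # A VPC can carry several flow logs; report the closest match.
        report[vpc] = min((check_flow_log(f, log_group) for f in logs), key=len)
    return report

if __name__ == "__main__":
    vpcs = ["vpc-0001", "vpc-0002", "vpc-0003", "vpc-0004"]
    for vpc, problems in audit(vpcs, SAMPLE, "forticwp-flow-logs").items():
        print(vpc, "OK" if not problems else "; ".join(problems))
```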
