All Products
Search

This Product

    Smart Access Gateway:Create a flow log

    Document Center

    Smart Access Gateway:Create a flow log

    Last Updated:Aug 27, 2024

    SAG-1000 devices support flow logs. Flow logs can be used to capture the information about the inbound and outbound traffic of the associated SAG-1000 devices. You can monitor network traffic and troubleshoot errors based on the captured information. To capture traffic information, you must create a flow log.

    Prerequisites

    • To store flow logs in Simple Log Service, make sure that the following prerequisites are met:

    • To store flow logs on a NetFlow collector, make sure that network connections are established between the Smart Access Gateway (SAG) device and the NetFlow collector.

    • The first time that you create a flow log, you must click Authorize Now on the Flow Log page to go to the Resource Access Management (RAM) console and assign the AliyunVPCLogArchiveRole role to SAG.

    Procedure

    1. Log on to the SAG console.

    2. In the top navigation bar, select the region where you want to create a flow log.

    3. In the left-side navigation pane, click Flow Logs. On the Flow Logs page, click Create Flow Log.

    4. In the Create Flow Log panel, configure the parameters and click OK.

      You can store log data in a Logstore of Simple Log Service, on a NetFlow collector, or both. The following table describes the parameters.

      Parameter

      Description

      Resource Group

      Select a resource group for the flow log.

      Name

      Enter a name for the flow log.

      Output Interval Under Active Connections

      Specify the interval at which log data of active network connections is collected. Unit: seconds. Valid values: 60 to 6000. Default value: 300.

      Output Interval Under Inactive Connections

      Specify the interval at which log data of inactive network connections is collected. Unit: seconds. Valid values: 10 to 600. Default value: 15.

      Deliver Flow Log Data To

      Specify where you want to store the log data.

      • To store the log data in Simple Log Service, select SLS and configure the following parameters:

        • Log Service Region: The region where Simple Log Service is deployed.

        • Log Service Project: The project to which the Logstore belongs.

        • Log Service Logstore: The Logstore where the log data is stored.

      • To store the log data on a NetFlow collector, select Netflow and configure the following parameters:

        • NetFlow Collector Address: Enter the IP address of the NetFlow collector, for example, 192.168.0.2.

        • NetFlow Collector Port: Enter the port of the NetFlow collector. Default value: 9995.

        • NetFlow Version: Valid values: V5, V9, and V10. Default value: V9.

      • To store the log data both in Simple Log Service and on a NetFlow collector, select ALL. You must configure all the required parameters of Simple Log Service and the NetFlow collector.