About Flowmill Flow Logs

Flowmill offers a feature currently in BETA to generate VPC Flow Logs. If you are not familiar with VPC flow logs, please see this page from Amazon. Flow logs can be an effective way to analyze traffic patterns, perform forensics, or measure cost. However, they can be expensive to obtain from a cloud provider, starting around $0.25/GB and may not be cost effective for most users.

How Flowmill Flow Logs works:

Cloud providers generate flow logs from within their networks, aggregate them, and sell them to their customers. Flowmill's eBPF kernel collector already tracks every socket in the operating system and can generate this data and relay it to an object store without incurring any additional cost.

Details:

  • You do not need to be a paying Flowmill customer of Flowmill to take advantage of this service.

  • The flow logs service is 100% free. We know the hard part of flow data is how you analyze it so we want to make it easy as possible for you to get.

  • The flow logs service is currently in private beta for AWS and GCP. Please contact us if you are interested in using it.

  • You must install the Flowmill agent in any instance in which you wish to generate logs. This could be a Linux VM or a node in a Kubernetes or ECS cluster.

  • Logs will be automatically deposited in S3 / Google Cloud Storage in the same format used by the cloud provider.

  • Logs can be configured to include both instance and container IP addresses where applicable.

Limitations

Since Flowmill Flow Logs are generated from within your instances, they will not detect traffic that has been blocked by security groups in the cloud provider.

Interested?

Sound interesting? Truly 100% free flow logs from your entire environment. Contact us to join the beta!

‚Äč