By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

NAT Gateway Traffic Capture for a Specific IP.

0

We want to Export Data For NGW which would give us the EC2 IP which is sending traffic outside via NAT Gateway. Currently we are following one doc and its giving Src Address of Nat Gateway Private IP however we are looking for EC2 IPs which are sending data out. Please let us know how to get the same. We are Using Cloud Watch Insight/Query to export the data.

https://aws.amazon.com/premiumsupport/knowledge-center/vpc-find-traffic-sources-nat-gateway/

Topics
Networking & Content Delivery
Tags
Amazon VPCVPC Flow Logs
Language
English
AWS-User-7892789
asked 2 years ago869 views
2 Answers
1

Here is a blog that describes this in detail: https://aws.amazon.com/blogs/aws/learn-from-your-vpc-flow-logs-with-additional-meta-data/

When you create a new VPC Flow Log, in addition to existing fields, you can now choose to add the following meta-data:

pkt-srcaddr : the packet-level IP address of the source. You typically use this field in conjunction with srcaddr to distinguish between the IP address of an intermediate layer through which traffic flows, such as a NAT gateway.

profile pictureAWS
EXPERT
Tushar_J
answered 2 years ago
0

Try enabling enriched flow logs as there are additional fields that are included - of interest are the source IP address of the flow before it has passed through NAT Gateway.

profile pictureAWS
EXPERT
Brettski-AWS
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content