LAB: Monitoring ingress and egress traffic using flow logs

Task:

  • Create a custom VPC using custom subnet creation mode
  • Analyze the flow of traffic using VPC flow logs

Solution

Task 1: Create a Custom Mode VPC

Under VPC Network | Click on Create VPC Network

Under Create a VPC Network | Name: dclessons-vpc | Subnets: custom | New Subnet: Name: dclessons-us-central-subnet | Region: us-central1

IP Stack Type: IPv4 | IPv4 range: 10.0.2.0/24 | Private Google Access: Off | Flow Logs: On | Click Done

Select All IPv4 Firewall rules as shown | Under Dynamic Routing Mode: Regional | Click Create

Task 2: Create an Instance

Under Compute Engine | VM Instances: Create Instance | Create two instances | Region: us-central1 (Iowa), Zone: us-central1-a | Machine Configuration: Series: N1, Machine Type: n1-standard-1

Under Identity & API Access | Service Account: No Service Account

Under Advanced Options | Networking: Network Interfaces: Edit Network Interfaces: Network: dclessons-vpc | Click Done | Click Create

SSH to Instance 1

Enter the below command and press Enter.

gcloud auth login --no-launch-browser -q

Paste the URL into a browser, then apply the code under Authorization code as shown in the figure below.

Enter the command below, replacing <Internal IP> (10.0.2.3 in this example) with the internal IP of dclessons-instance-2. This command sends a packet to dclessons-instance-2 every 5 seconds.

ping -i 5 10.0.2.3

Task 6: Exploring Logs Produced by VM

Under Operations click on Logging. | Click on Subnetworks under Resource Types from Log Fields Panel. | Click on compute.googleapis.com/vpc_flows under Log Name.
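
To review the same vpc_flows records outside the console, the added example below (not part of the original lab) aggregates exported flow log entries by direction, using the `reporter` field to separate egress from ingress. The sample records are constructed; the project name, 10.0.2.2 as the instance 1 address and 203.0.113.10 as an outside client are assumptions.

```python
import ipaddress
import json
from collections import defaultdict

# Constructed sample records in the shape Cloud Logging exports VPC flow logs.
# 10.0.2.2 (instance 1) and 203.0.113.10 (outside client) are assumptions.
LOG = "projects/example-project/logs/compute.googleapis.com%2Fvpc_flows"
_PAYLOADS = json.loads("""[
 {"reporter": "SRC",  "bytes_sent": "196",  "packets_sent": "2",
  "connection": {"src_ip": "10.0.2.2", "dest_ip": "10.0.2.3", "protocol": 1}},
 {"reporter": "SRC",  "bytes_sent": "98",   "packets_sent": "1",
  "connection": {"src_ip": "10.0.2.2", "dest_ip": "10.0.2.3", "protocol": 1}},
 {"reporter": "DEST", "bytes_sent": "294",  "packets_sent": "3",
  "connection": {"src_ip": "10.0.2.2", "dest_ip": "10.0.2.3", "protocol": 1}},
 {"reporter": "DEST", "bytes_sent": "1200", "packets_sent": "10",
  "connection": {"src_ip": "203.0.113.10", "dest_ip": "10.0.2.2", "protocol": 6}}
]""")
SAMPLE_ENTRIES = [{"logName": LOG, "jsonPayload": p} for p in _PAYLOADS]
SAMPLE_ENTRIES.append({"logName": "projects/example-project/logs/syslog", "jsonPayload": {}})

PROTOCOLS = {1: "icmp", 6: "tcp", 17: "udp"}  # IANA protocol numbers


def summarize_flows(entries, subnet="10.0.2.0/24"):
    """Total bytes/packets per (direction, src_ip, dest_ip, protocol)."""
    net = ipaddress.ip_network(subnet)
    totals = defaultdict(lambda: {"bytes": 0, "packets": 0, "external": False})
    for entry in entries:
        if not entry.get("logName", "").endswith("compute.googleapis.com%2Fvpc_flows"):
            continue  # skip anything that is not a flow log record
        payload = entry["jsonPayload"]
        conn = payload["connection"]
        # reporter SRC: written on the sending VM (egress);
        # reporter DEST: written on the receiving VM (ingress).
        direction = "egress" if payload["reporter"] == "SRC" else "ingress"
        proto = PROTOCOLS.get(conn["protocol"], str(conn["protocol"]))
        row = totals[(direction, conn["src_ip"], conn["dest_ip"], proto)]
        row["bytes"] += int(payload["bytes_sent"])      # int64 is exported as a string
        row["packets"] += int(payload["packets_sent"])
        peer = conn["dest_ip"] if direction == "egress" else conn["src_ip"]
        row["external"] = ipaddress.ip_address(peer) not in net  # peer outside the lab subnet
    return dict(totals)


if __name__ == "__main__":
    for key, row in sorted(summarize_flows(SAMPLE_ENTRIES).items()):
        print(key, row)
```

Traffic between the two instances appears twice, once per reporter, so egress and ingress totals for the same ping should match; a row marked external is a peer outside 10.0.2.0/24.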

