# IBM Cloud VPC Flow Logs via Cloud Object Storage Setup

This document provides instructions for configuring the collection of IBM Cloud VPC Flow Logs with IBM Cloud Object Storage.Note: VPC Flow Logs are only available on VPC Infrastructure Gen 2

### Console Steps <a href="#console-steps" id="console-steps"></a>

#### Create Cloud Object Storage Service <a href="#create-cloud-object-storage-service" id="create-cloud-object-storage-service"></a>

1. First create the cloud object storage service.
2. Using the search bar type "cloud object storage" to be brought to the configuration page.

   ![](/files/IOOekmeRhyT9V4izFIeN)
3. Select your desired storage plan, name your server, and select your resource group then click create.

   ![](/files/XPQAZSmhuoN8XF78PAyE)

#### Create Object Storage Bucket <a href="#create-object-storage-bucket" id="create-object-storage-bucket"></a>

1. From the Cloud Object Storage page click Buckets to create a storage bucket.

   ![](/files/qy6Ei8H6QNFcKvP3aaD6)
2. Choose a bucket name and add an expiration rule for as many days as you'd like to keep the raw logs.

   ![](/files/T2Fci3l8yJL0tdxKBTGz)

#### Create Service credentials <a href="#create-service-credentials" id="create-service-credentials"></a>

1. Click service credentials on the Cloud Object Service page to create credentials Netography will use to access the flow logs.
2. Give it a name and use the reader role.

   ![](/files/ewHYLt0nmvm9lnqcWtpx)
3. Click the chevron next to the key name as it will have the necessary information for the Netography Portal.

   ![](/files/gYILXWhBch1rgKTrSiKF)

#### Grant Service Authorizations <a href="#grant-service-authorizations" id="grant-service-authorizations"></a>

1. From the main menu bar click Manage > Access (IAM)

   ![](/files/96F25nuKOZvObo1h99D5)
2. The VPC Flow Logs need the ability to write to the Cloud Object Storage Bucket.
3. Click Authorizations in the left navigation.
4. Use Infrastructure Service for Source service.
5. This will then reveal the Resource Type drop down, select Flow Logs for VPC.
6. Then select Cloud Object Storage for Target service.
7. Select the Cloud Object Storage service we created earlier for the Service instance.
8. Select Write for the Service access.

   ![](/files/NjK3v0y3AxrSZAepzYko)

#### Create Flow Logs <a href="#create-flow-logs" id="create-flow-logs"></a>

1. In the main search bar type 'flow logs' and click Flow Logs for VPC.

   ![](/files/On6JwWoi299RQpfhyElk)
2. Provide a name for the flow log collector.
3. Select your resource group.
4. Attach it to the VPC
5. Select your VPC, Cloud Object Storage Service, and Bucket.
6. Click Create flow log

   ![](/files/GGRoehHHGSDGcVFTyfh8)
7. You should now see the flow log collector.
8. Click on the Object Storage Bucket to see the flow logs in the buck.

   ![](/files/3LijC0A1zAQvkkZb0KOX) ![](/files/V2MtYmB0Jnk1gUC6p9yW)

### Netography Portal Steps <a href="#netography-portal-steps" id="netography-portal-steps"></a>

Navigate to Traffic Sources, and click "Add Traffic Source", then select `IBM COS`

![](/files/7WvQ1cCBHtZOCqDvaxh2)

#### Configuration <a href="#configuration" id="configuration"></a>

The following fields are specific to the IBM COS configuration.

| Field    | Required | Description                 | Examples |
| -------- | -------- | --------------------------- | -------- |
| `Region` | yes      | Location of the flow source | us-east  |
| `Bucket` | yes      | The COS bucket name         |          |
| `Prefix` |          | Optional folder prefix      |          |

#### Authentication <a href="#authentication" id="authentication"></a>

The following fields are necessary for the integration to authenticate with IBM.

| Field                 | Required | Description                                                                                                                    |
| --------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------ |
| `API Key`             | yes      | The API key that is associated for the Service ID                                                                              |
| `Service Instance ID` | yes      | Unique identifier for the instance of Object Storage the credential accesses. This is also referred to as a service credential |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.fusion.vectra.ai/ingest-network-traffic-logs/flow-logs/ibm-cloud-flow-logs-via-cloud-object-storage.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.