# Enable VPC flow logs

1. Navigate to VPC in the AWS console

![](/files/eqf0wCxTYd8sCUzreopm)

2. Under **Resources by Region** Select **VPCs**

![](/files/n5FfLexFy6F49Sop3CJ6)

3. The next step will use the CloudShell, where you'll copy and paste a CLI command to more efficiently and accurately enable working flow log configuration for your VPC.

Flow logs will be enabled with the following settings preconfigured:

* Traffic type: ALL
* Resource ID:
* Log destination type: S3
* Max aggregation interval: 1 minute

4. Open Cloudshell\
   You'll see a command prompt open up on the lower half of the screen

![](/files/wK1zkKNnGGAuTZ0oGsvR)

5. Copy and paste the command below, replace `<VPC ID>` with the VPC ID you want to enable flow logs for, and replace `<bucket name>` with the name of your S3 bucket created in a previous step.

{% tabs %}
{% tab title="CLI" %}

```shell
aws ec2 create-flow-logs \
  --resource-type VPC   \
  --resource-ids <VPC ID> \
  --traffic-type ALL   \
  --log-destination-type s3 \
  --log-destination arn:aws:s3:::<bucket name> \
  --log-format '${version} ${account-id} ${interface-id} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${protocol} ${packets} ${bytes} ${start} ${end} ${action} ${log-status} ${tcp-flags} ${type} ${pkt-dstaddr} ${pkt-srcaddr} ${instance-id} ${vpc-id} ${az-id} ${sublocation-id} ${sublocation-type} ${subnet-id}' \
  --max-aggregation-interval 1
```

{% endtab %}
{% endtabs %}

![](/files/cDPUCjT9qwE09TeMxxlK)

{% hint style="warning" %}
**🚧If the log format isn't specified exactly as it is in the above command, your integration will fail.**
{% endhint %}

6. Once you've pasted in the command, it should look like this:

![](/files/DJIBROTZiGAB4dOcQM1X)

7. Hit the enter key to run the command.

If you see the below, your flow logs have been successfully created.\
`"Unsuccessful":[]` means you were successful and no errors were indicated.

![](/files/uzwnwU0v7ogAPwkGZeXP)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.fusion.vectra.ai/quick-start/quickstart-aws/enable-vpc-flow-logs-1.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.