Posted On: Feb 19, 2020
You can now capture and aggregate your Amazon Virtual Private Cloud (Amazon VPC) flow logs at shorter intervals of up to 1 minute, giving you quicker visibility into your network traffic flows. With a 1-minute configuration, your VPC flow logs arrive in an expedited manner and provide more granular visibility into the sequence of events in a flow, thereby enabling you to accurately investigate and rapidly respond to security incidents, or troubleshoot connectivity issues faster.
To get started, you can choose a maximum aggregation interval (also known as capture window) of 1 minute while creating a new flow log using the Amazon Web Services Management Console, the Amazon Command Line Interface (Amazon CLI) or the Amazon Software Development Kit (Amazon SDK). Your flow logs will then be aggregated at intervals of up to 1 minute, before they are processed and published. By default, the maximum aggregation interval is 10 minutes.
There is no additional charge for flow logs with a maximum aggregation interval of 1 minute. Standard rates apply based on your choice of log destination. Learn about the pricing to deliver Amazon VPC flow logs to S3 or CloudWatch Logs here. For more information about Amazon VPC flow logs, please refer to the documentation.