If I want to check that how many MBps traffic and top 10 IPs from source IP 10.20.33.39?
Go to AWS CloudWatch > Logs > Logs Insights:
1. Select log group(s)
2. Select Time Range (1 week)
3. Input you query code
filter (srcAddr like '10.20.33.39') | stats sum(bytes)/1000000 as bytesTransferred by srcAddr, dstAddr | sort bytesTransferred desc | limit 10
4. Run query
Checking how many MBps traffic and top 10 IPs to destination IP 10.20.33.39.
filter (dstAddr like '10.20.33.39') | stats sum(bytes)/1000000 as bytesTransferred by srcAddr, dstAddr | sort bytesTransferred desc | limit 10
Reference:
1. Amazon CloudWatch Logs Sample queries:
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax-examples.html
最初發表 / 最後更新: 2021.10.06 / 2021.10.06
最初發表 / 最後更新: 2021.10.06 / 2021.10.06
0 comments:
張貼留言