Connect this data source on your own, using the Hunters platform.
Overview
Table name:
aws_transit_gateway_flow_logs
AWS Transit Gateway flow logs provide detailed information about the IP traffic traversing through an AWS Transit Gateway, which connects VPCs and on-premises networks. These logs capture metadata such as source and destination IP addresses, ports, protocols, and the number of packets and bytes transferred, allowing administrators to monitor, analyze, and troubleshoot network traffic. By leveraging Transit Gateway flow logs, organizations can gain valuable insights into their network traffic patterns, enhance security by detecting anomalies, and optimize network performance.
Send data to Hunters
To connect AWS Transit Gateway flow logs:
Follow this guide to export Transit Gateway flow logs to an S3 bucket.
Once the export is completed and the logs are collected to S3, follow the steps in this section.
Expected format
{"version": 6, "resource_type": "TransitGateway", "account_id": "223933050157", "tgw_id": "tgw-07c1f097f2d41c990", "tgw_attachment_id": "tgw-attach-029f9251ab8e87041", "tgw_src_vpc_account_id": "223933050157", "tgw_dst_vpc_account_id": "511419982453", "tgw_src_vpc_id": "vpc-083140a8f0439c304", "tgw_dst_vpc_id": "vpc-0f7229be68e9cf9ca", "tgw_src_subnet_id": "subnet-061d86ff4cbc2fbcf", "tgw_dst_subnet_id": "subnet-04bc031ef8e8858b0", "tgw_src_eni": "eni-0eaaa11beeaa2de76", "tgw_dst_eni": "eni-014e2764f83aab9b1", "tgw_src_az_id": "euc1-az2", "tgw_dst_az_id": "euc1-az2", "tgw_pair_attachment_id": "tgw-attach-06297e7cdc99ac901", "srcaddr": "1.2.3.4", "dstaddr": "1.2.3.4", "srcport": 443, "dstport": 57896, "protocol": 6, "packets": 19, "bytes": 6781, "start": 1711408200, "end": 1711408259, "log_status": "OK", "type": "IPv4", "packets_lost_no_route": 0, "packets_lost_blackhole": 0, "packets_lost_mtu_exceeded": 0, "packets_lost_ttl_expired": 0, "tcp_flags": 27, "region": "eu-central-1", "flow_direction": "egress", "pkt_src_aws_service": "AMAZON", "pkt_dst_aws_service": "-"}