Your company currently has a set of EC2 Instances hosted in a VPC.
The IT Security department wants to find out the traffic details that had caused an issue on one of the instances.
What can you do to zero in on the IP addresses which are receiving a flurry of requests?
Click on the arrows to vote for the correct answer
A. B. C. D.The best option to zero in on the IP addresses which are receiving a flurry of requests on an EC2 instance is to use VPC Flow logs.
VPC Flow logs capture information about the IP traffic going to and from network interfaces in an Amazon VPC. This includes details such as the source and destination IP addresses, port numbers, protocols, and packet and byte counts. By analyzing VPC flow logs, you can gain visibility into the traffic flowing in and out of your VPC and understand what's happening with your network traffic.
To use VPC flow logs to get the IP addresses accessing the EC2 instances, you can follow these steps:
Using AWS CloudTrail, AWS Config, or AWS Trusted Advisor will not provide you with the IP addresses accessing the EC2 instances. AWS CloudTrail provides a record of actions taken by a user, role, or AWS service in AWS, whereas AWS Config provides a detailed inventory of your AWS resources and their configuration history. AWS Trusted Advisor is a tool that helps you optimize your AWS infrastructure, identify security risks, and reduce costs. However, none of these services are designed to provide the level of detail needed to zero in on the IP addresses causing issues on an EC2 instance.