Amazon Web Services (AWS) - List Flow Logs using the AWS CLI

by
Jeremy Canfield |
Updated: October 10 2023
| Amazon Web Services (AWS) articles
This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.
The aws ec2 describe-flow-logs command can be used to list the Flow Logs you have created.
aws ec2 describe-flow-logs
And here is an example of how to limit the output using the --query option.
aws ec2 describe-flow-logs --query 'FlowLogs[?LogDestinationType==`cloud-watch-logs`]'
Something like this should be returned.
[
{
"CreationTime": "2023-10-05T01:50:24.089000+00:00",
"DeliverLogsPermissionArn": "arn:aws:iam::123456789012:role/publishFlowLogs",
"DeliverLogsStatus": "SUCCESS",
"FlowLogId": "fl-00f4bbdec6dd110c6",
"FlowLogStatus": "ACTIVE",
"LogGroupName": "RDSOSMetrics",
"ResourceId": "vpc-0a9d4cb29e2748444",
"TrafficType": "ALL",
"LogDestinationType": "cloud-watch-logs",
"LogFormat": "${version} ${account-id} ${interface-id} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${protocol} ${packets} ${bytes} ${start} ${end} ${action} ${log-status}",
"Tags": [],
"MaxAggregationInterval": 600
}
]
Did you find this article helpful?
If so, consider buying me a coffee over at