What should the SysOps administrator do to ensure that all traffic is logged?

By:
In: SOA-C02
Tagged:
With: 1 Comment
A SysOps administrator is reviewing VPC Flow Logs to troubleshoot connectivity issues in a VPC.While reviewing the logs, the SysOps administrator notices that rejected traffic is not listed.

What should the SysOps administrator do to ensure that all traffic is logged?

Create a new flow log that has a filter setting to capture all traffic.

Create a new flow log. Set the log record format to a custom format. Select the proper fields to include in the log.

Edit the existing flow log. Change the filter setting to capture all traffic.

Edit the existing flow log. Set the log record format to a custom format. Select the proper fields to include in the log.

Explanations:

Creating a new flow log with a filter set to capture all traffic will ensure that both accepted and rejected traffic are logged.

Changing the log record format or selecting custom fields does not affect the traffic filter setting and thus does not capture rejected traffic.

Existing flow logs cannot be edited to change the filter settings; a new flow log must be created for any filter adjustments.

Adjusting the log record format or fields in the existing flow log will not capture rejected traffic unless the filter is set to “all,” which requires a new log creation.

2025-09-30

1 Comment

  1. Karen
    Author

    I chart that the answer is:
    Create a new flow log that has a filter setting to capture all traffic.

Leave a Reply

Your email address will not be published. Required fields are marked *

20 − 7 =