activity_dashboard_accepted_rejected_trafficactivity_dashboard_top_destination_ips_by_trafficactivity_dashboard_top_enis_by_trafficactivity_dashboard_top_source_destination_pairs_by_packetsactivity_dashboard_top_source_ips_by_rejected_trafficactivity_dashboard_top_source_ips_by_trafficactivity_dashboard_total_accepted_trafficactivity_dashboard_total_recordsactivity_dashboard_total_rejected_trafficactivity_dashboard_traffic_by_log_statusactivity_dashboard_traffic_by_protocolactivity_dashboard_traffic_by_regiondatabase_traffichigh_packet_trafficlarge_data_transferrdp_trafficssh_traffictraffic_with_unusual_protocols
Queries in AWS VPC Flow Log Detections
The AWS VPC Flow Log Detections mod includes 18 queries:
- activity_dashboard_accepted_rejected_traffic
- activity_dashboard_top_destination_ips_by_traffic
- activity_dashboard_top_enis_by_traffic
- activity_dashboard_top_source_destination_pairs_by_packets
- activity_dashboard_top_source_ips_by_rejected_traffic
- activity_dashboard_top_source_ips_by_traffic
- activity_dashboard_total_accepted_traffic
- activity_dashboard_total_records
- activity_dashboard_total_rejected_traffic
- activity_dashboard_traffic_by_log_status
- activity_dashboard_traffic_by_protocol
- activity_dashboard_traffic_by_region
- database_traffic
- high_packet_traffic
- large_data_transfer
- rdp_traffic
- ssh_traffic
- traffic_with_unusual_protocols