Skip to content

juddin927/scripts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
query_cloudwatch_log.py
query_cloudwatch_log.py
 
 

Repository files navigation

scripts

Useful scripts list query_cloudwatch_log.py : This is a quick script written in python that can query various fields in AWS VPC flow logs extracted from Cloudwatch. Cloudwatch doesnt support advanced querying where you will have to check src_ip against a known IP list. This scripts will allow you to load existing list of IPs from a CSV and match that against the src_ip in VPC Flow logs.

Example usage of query_cloudwatch_log.py

  1. Create an extract request to S3 using CloudWatch console.
  2. Download the logs from S3 using AWS CLI.
  3. Run the script on the log dir.
  4. Provide path for log dir.
  5. Provide allowed IP list path using file (CSV) path.

About

No description, website, or topics provided.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages