AWS Client VPN connection logs

You can enable connection logging for a new or existing Client VPN endpoint, and start capturing connection logs. Connection logs show the sequence of log events for the Client VPN endpoint. When you enable connection logging, you can specify the name of a log stream in the log group. If you do not specify a log stream, the Client VPN service creates one for you. Connection logging then logs the following information: client connection requests, client connection results (successful or unsuccessful), reasons for unsuccessful connection results, and the client termination time from the endpoint.

Before you begin, you must have a CloudWatch Logs log group in your account. For more information, see Working with Log Groups and Log Streams in the Amazon CloudWatch Logs User Guide. Charges apply for using CloudWatch Logs. For more information, see Amazon CloudWatch pricing.

Client VPN connection logs can be created using either the Amazon VPC Console or the AWS CLI.

Tasks

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Delete an endpoint

Enable connection logging for a new endpoint