--- title: AWS VPN description: |- AWS VPN lets you establish a secure and private tunnel from your network or device to the AWS global network. breadcrumbs: Docs > Integrations > AWS VPN --- # AWS VPN Integration version1.0.0 ## Overview{% #overview %} AWS VPN lets you establish a secure and private tunnel from your network or device to the AWS global network. Enable this integration to see all your VPN metrics in Datadog. ## Setup{% #setup %} ### Installation{% #installation %} If you haven't already, set up the [Amazon Web Services integration](https://docs.datadoghq.com/integrations/amazon_web_services/) first. ### Metric collection{% #metric-collection %} 1. In the [AWS integration page](https://app.datadoghq.com/integrations/amazon-web-services), ensure that `VPN` is enabled under the `Metric Collection` tab. 1. Install the [Datadog - AWS VPN integration](https://app.datadoghq.com/integrations/amazon-vpn). ### Log collection{% #log-collection %} #### Enable logging{% #enable-logging %} Configure AWS VPN to send logs either to a S3 bucket or to CloudWatch. **Note**: If you log to a S3 bucket, make sure that `amazon_vpn` is set as *Target prefix*. #### Send logs to Datadog{% #send-logs-to-datadog %} **Note**: Datadog's [automatic trigger setup](https://docs.datadoghq.com/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function/?tab=awsconsole#automatically-set-up-triggers) is available for CloudWatch log groups only. For S3 buckets, use the [manual trigger setup](https://docs.datadoghq.com/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function/#collecting-logs-from-s3-buckets). 1. If you haven't already, set up the [Datadog Forwarder Lambda function](https://docs.datadoghq.com/logs/guide/forwarder/). 1. Once the Lambda function is installed, manually add a trigger on the S3 bucket or CloudWatch log group that contains your AWS VPN logs in the AWS console: - [Add a manual trigger on the S3 bucket](https://docs.datadoghq.com/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function/#collecting-logs-from-s3-buckets) - [Add a manual trigger on the CloudWatch Log Group](https://docs.datadoghq.com/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function/#collecting-logs-from-cloudwatch-log-group) ## Data Collected{% #data-collected %} ### Metrics{% #metrics %} | | | | | **aws.vpn.tunnel\_data\_in**(count) | The average number of bytes that have come in through the VPN tunnel*Shown as byte* | | **aws.vpn.tunnel\_data\_in.sum**(count) | The total number of bytes that have come in through the VPN tunnel*Shown as byte* | | **aws.vpn.tunnel\_data\_out**(count) | The average number of bytes that have gone out through the VPN tunnel*Shown as byte* | | **aws.vpn.tunnel\_data\_out.sum**(count) | The total number of bytes that have gone out through the VPN tunnel*Shown as byte* | | **aws.vpn.tunnel\_state**(gauge) | This metric is 1 when all tunnels for the VPN are up, and 0 when all tunnels are down. Values between 0 and 1 indicate some tunnels for the VPN are up. | | **aws.vpn.tunnel\_state.minimum**(gauge) | This metric is 1 when all tunnels for the VPN are up, and 0 when any tunnel is down. | | **aws.vpn.tunnel\_state.maximum**(gauge) | This metric is 1 when any tunnel for the VPN is up, and 0 when all tunnels are down. | ### Events{% #events %} The AWS VPN integration does not include any events. ### Service Checks{% #service-checks %} The AWS VPN integration does not include any service checks. ## Troubleshooting{% #troubleshooting %} Need help? Contact [Datadog support](https://docs.datadoghq.com/help/).