This article provides an overview of cloud monitoring in the Kentik portal.
Kentik monitors your cloud environments giving you crucial visibility into your cloud resources.
Public Clouds and Flow Logs
In Kentik, a public cloud is a cloud provider from which flow logs, metadata, and/or metrics for your networks can be exported. Creating cloud exports (see Cloud Exports and Devices) in the Kentik portal gives you ongoing visibility into the health and performance of your cloud resources.
Kentik supports cloud exports from the following providers:
AWS (Amazon Web Services)
Azure (Microsoft)
GCP (Google Cloud Platform)
OCI (Oracle Cloud Infrastructure)
Flow Logs
A flow log is a collection of records detailing the network traffic that either originated or ended in a specific cloud resource. Each flow record contains information about a single flow, e.g., source/destination IPs, ports, protocol, byte count. These records are similar to flow records generated by devices on physical networks (e.g., NetFlow or sFlow, see About Flow), and are crucial for understanding network activity and performance within cloud environments.
Log-Generating Resources
Depending on the cloud provider, the resources that generate logs can include:
Virtual Private Cloud (VPC)
VNet
Subnet
Virtual Machine (VM)
Interface
Cloud Provider Setup
Cloud exports can be added to the Kentik portal in the following situations, and the process is the same:
At Initial Kentik Onboarding: Via the tasks on the Welcome Page.
At Any Time: Via the Public Clouds page at Settings » Public Clouds (see Public Clouds Page).
Process Overview
Logging Setup: Done in the cloud provider’s console, not in Kentik, this setup typically involves the following high-level steps:
Enable Flow Logs: Enable the creation of flow logs in a VPC, VNet, subnet, etc.
Create a Destination: Specify where the logs will be published.
Set Permissions: Allow access to the logs so they can be pulled into Kentik.
Create a Kentik Cloud Export: Configure a new "cloud export" in the Kentik portal to ingest data from the provider (see Cloud Exports and Devices).
Setup Workflows by Provider
Detailed instructions for setting up each provider, including steps in both the provider consoles and Kentik portal, are provided in the following articles:
Cloud Exports and Devices
In the Kentik portal, data from your cloud resources is captured/derived in Cloud Exports and Cloud Devices, the scope of which varies by cloud provider (see Cloud Device Derivation).
Note: Access your cloud exports and devices on the Public Clouds Page (Settings » Public Clouds).
Cloud Exports
Flow logs are exported to Kentik via a cloud export, a saved configuration that allows Kentik to access logs from a set of resources in a cloud provider on an ongoing basis. You can create multiple cloud exports per cloud provider. Each cloud export is listed on the Public Clouds Page and has a corresponding Cloud Details Page.
.png?sv=2022-11-02&spr=https&st=2025-08-08T11%3A55%3A21Z&se=2025-08-08T12%3A09%3A21Z&sr=c&sp=r&sig=xgn5Zu1Wa80rFq8rl2%2FMNEpvwuWa1eGvgv09hBfJYbw%3D)
Cloud exports are listed on the Public Clouds page.
Cloud Devices
The Devices column on the Public Clouds Page lists one or more cloud devices derived from each flow export. These devices are also listed on the Cloud Details Page for each export.
.png?sv=2022-11-02&spr=https&st=2025-08-08T11%3A55%3A21Z&se=2025-08-08T12%3A09%3A21Z&sr=c&sp=r&sig=xgn5Zu1Wa80rFq8rl2%2FMNEpvwuWa1eGvgv09hBfJYbw%3D)
Cloud devices are listed on the details page for a cloud export.
Note: Device names can be used to reference the device in Kentik queries using the "Device Name" in the filtering and group-by dimensions.
Cloud Device Derivation
A cloud device in Kentik does not necessarily correspond to an individual resource (e.g., subnet, VPC, or interface) hosted by your cloud provider. Kentik’s derivation of cloud devices depends on a number of factors, such as the log-collection setup in the cloud provider and the volume of flow records. For example, in cases of high flow record volume, Kentik may optimize the ingest of flow records by creating multiple cloud devices within a single cloud export.
The derivation for cloud devices varies by cloud provider as follows:
Cloud Provider | Observability Features | Cloud Export Scope | Cloud Device Scope | Log Configuration |
|---|---|---|---|---|
AWS |
| One export per S3 Bucket | One device for each VPC, subnet, or interface sending logs to the bucket | Configure flow logs for a VPC, subnet, or Elastic Network Interface (ENI) and publish them to an S3 bucket. |
Azure |
| One export per Storage Account | One device per export (default) | Configure Storage Accounts to capture logs from all VNets in a resource group in one Azure location (e.g., “UK South”). |
GCP |
| One export per Subscription to Pub/Sub Topic | One device per subnet publishing to the topic (default) |
|
OCI |
| One export per Object Storage bucket | One device for all resources contributing logs to the bucket | Configure for an entire VCN or selectively on specific subnets, VNICs, or resources (e.g., instances or load balancers). See Oracle article VCN Flow Logs. |
Portal Cloud Section
The Cloud section of the Kentik v4 portal provides both high-level and detailed information about your cloud-hosted resources in areas such as traffic volume, performance, costs, connectivity, and utilization. The information is presented in various forms depending on the cloud provider:
Cloud Page: Available to organizations with at least one cloud registered in Kentik, the Kentik Cloud page has an entity explorer and visualizations for each provider.
Traffic Trends and Overviews: Kentik-provided Dashboards for resources monitored in AWS, GCP, and Azure (see Cloud Traffic Overviews). Not available for OCI.
Performance Monitor: Accessible to organizations with at least one cloud registered in Kentik, the Cloud Performance page uses AWS metadata to identify resource elements and visualize critical paths to and from the cloud, also enabling performance monitoring with synthetic testing (see Synthetics).
Cloud Pathfinder: This workflow analyzes cloud metadata from Kentik-monitored environments and inventories subnets, instances, and VPCs to determine communication paths (see Cloud Pathfinder). Available for AWS and Azure only.
Kentik Kube: Designed for customers deploying Kubernetes clusters in the cloud and/or on premises, Kentik Kube uses a lightweight eBPF agent to provide detailed network traffic and performance visibility within and among Kubernetes clusters. (Note: If you’re not seeing Kentik Kube in your portal, it might not be enabled for your account. Please contact your Kentik Account Team).
.png?sv=2022-11-02&spr=https&st=2025-08-08T11%3A55%3A21Z&se=2025-08-08T12%3A09%3A21Z&sr=c&sp=r&sig=xgn5Zu1Wa80rFq8rl2%2FMNEpvwuWa1eGvgv09hBfJYbw%3D)
The cloud dashboards each provide an array of flow-based visualizations for a given cloud provider.