When you enable VPC flow logs, records will be created in CloudWatch Logs (or S3 if you choose so, but CloudWatch Logs is definitely better for debugging). There will be one log stream per network interface, and the format of the logs is like so:

version account-id interface-id srcaddr dstaddr srcport dstport protocol packets bytes start end action log-status

`action` will usually by ACCEPT or REJECT

Check out the AWS documentation for more information.

I work as a freelancer, so if you don’t want to do that kind of things yourself or don’t have the time, just drop me a line to hire me.