EC2 instance experiences massive inbound traffic spikes. Apache logs show normal usage

To make your life easier, you would need to use a monitoring tool. Amazon offers CloudWatch, which is a component of AWS that provides real-time monitoring of AWS resources running on Amazon infrastructure; it collects metrics and logs. Try going to CloudWatch > Metrics > EC2 > Per-Instance Metrics, then filter by metric name and see if you can figure out what has happened on your instance.

Hope this is useful. Regards!


For analyzing your inbound traffic, please check the following link:

https://docs.aws.amazon.com/wellarchitected/latest/financial-services-industry-lens/monitor-vpc-flow-logs-for-abnormal-traffic-patterns.html

If you want to be better protected against DDoS attacks, you may try to use the AWS Shield service. However, AWS Shield Advanced is a very expensive service, but AWS Shield Standard could be your first choice to protect the EC2 instance. You didn't mention at what layer the attack took place. Layer 7 protection = AWS Shield Advanced.
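
Added example (not part of the answers above): a small Python parser for VPC Flow Logs records in the default version 2 format that splits inbound bytes into web traffic (TCP 80/443) and everything else. Traffic on other ports or protocols, or traffic rejected by a security group, shows up in flow logs but never in Apache access logs. The sample records, the instance IP `10.0.0.5` and the function names are constructed for illustration.

```python
from collections import Counter

# Field order of the default (version 2) VPC Flow Logs record.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed sample records; 10.0.0.5 stands in for the instance's private IP.
SAMPLE = """\
2 123456789012 eni-0abc 203.0.113.10 10.0.0.5 51514 443 6 40 52000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0abc 198.51.100.7 10.0.0.5 123 41000 17 90000 42000000 1700000000 1700000060 REJECT OK
2 123456789012 eni-0abc 198.51.100.8 10.0.0.5 123 41001 17 85000 39000000 1700000000 1700000060 REJECT OK
2 123456789012 eni-0abc 10.0.0.5 203.0.113.10 443 51514 6 60 310000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0abc - - - - - - - 1700000060 1700000120 - NODATA
"""

def parse(line):
    """Return one record as a dict, or None for malformed/NODATA/SKIPDATA lines."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":
        return None  # no traffic data in this aggregation window
    for key in ("srcport", "dstport", "protocol", "packets", "bytes"):
        rec[key] = int(rec[key])
    return rec

def inbound_summary(text, instance_ip, web_ports=(80, 443)):
    """Total inbound bytes to instance_ip, split into web and non-web traffic."""
    by_flow = Counter()  # (protocol, dstport, action) -> bytes
    web = other = 0
    for line in text.splitlines():
        rec = parse(line)
        if rec is None or rec["dstaddr"] != instance_ip:
            continue  # skip outbound records and unusable lines
        by_flow[(rec["protocol"], rec["dstport"], rec["action"])] += rec["bytes"]
        if rec["protocol"] == 6 and rec["dstport"] in web_ports:
            web += rec["bytes"]  # TCP to a web port: what Apache can see
        else:
            other += rec["bytes"]  # anything else is invisible to Apache logs
    return {"web_bytes": web, "non_web_bytes": other,
            "top": by_flow.most_common(3)}

if __name__ == "__main__":
    print(inbound_summary(SAMPLE, "10.0.0.5"))
```

A large `non_web_bytes` value next to a small `web_bytes` value matches the symptom in the question: a network-level spike with normal Apache logs.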