A security team is auditing a company's AWS deployment and is concerned that two applications might be accessing resources that should be restricted by network ACLs and security groups. These applications are deployed across two Amazon EKS clusters using the Amazon VPC CNI plugin, located in separate subnets within the same VPC, with Cluster Autoscaler enabled. The team needs to identify which POD IP addresses are communicating with which services across the VPC, while minimizing the number of flow logs and focusing only on the traffic from these two applications. What solution will meet these requirements with the least operational overhead?