New-AzNetworkWatcherFlowLog

Create or update a flow log resource for the specified network security group.

Note

This is the previous version of our documentation. Please consult the most recent version for up-to-date information.

Syntax

New-AzNetworkWatcherFlowLog
   -NetworkWatcherName <String>
   -ResourceGroupName <String>
   -Name <String>
   -TargetResourceId <String>
   -StorageId <String>
   -Enabled <Boolean>
   [-EnableRetention <Boolean>]
   [-RetentionPolicyDays <Int32>]
   [-FormatType <String>]
   [-FormatVersion <Int32>]
   [-Tag <Hashtable>]
   [-Force]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

New-AzNetworkWatcherFlowLog
   -NetworkWatcher <PSNetworkWatcher>
   -Name <String>
   -TargetResourceId <String>
   -StorageId <String>
   -Enabled <Boolean>
   [-EnableRetention <Boolean>]
   [-RetentionPolicyDays <Int32>]
   [-FormatType <String>]
   [-FormatVersion <Int32>]
   [-Tag <Hashtable>]
   [-Force]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

New-AzNetworkWatcherFlowLog
   -NetworkWatcher <PSNetworkWatcher>
   -Name <String>
   -TargetResourceId <String>
   -StorageId <String>
   -Enabled <Boolean>
   [-EnableRetention <Boolean>]
   [-RetentionPolicyDays <Int32>]
   [-FormatType <String>]
   [-FormatVersion <Int32>]
   [-EnableTrafficAnalytics]
   [-TrafficAnalyticsWorkspaceId <String>]
   [-TrafficAnalyticsInterval <Int32>]
   [-Tag <Hashtable>]
   [-Force]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

New-AzNetworkWatcherFlowLog
   -NetworkWatcherName <String>
   -ResourceGroupName <String>
   -Name <String>
   -TargetResourceId <String>
   -StorageId <String>
   -Enabled <Boolean>
   [-EnableRetention <Boolean>]
   [-RetentionPolicyDays <Int32>]
   [-FormatType <String>]
   [-FormatVersion <Int32>]
   [-EnableTrafficAnalytics]
   [-TrafficAnalyticsWorkspaceId <String>]
   [-TrafficAnalyticsInterval <Int32>]
   [-Tag <Hashtable>]
   [-Force]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

New-AzNetworkWatcherFlowLog
   -Location <String>
   -Name <String>
   -TargetResourceId <String>
   -StorageId <String>
   -Enabled <Boolean>
   [-EnableRetention <Boolean>]
   [-RetentionPolicyDays <Int32>]
   [-FormatType <String>]
   [-FormatVersion <Int32>]
   [-Tag <Hashtable>]
   [-Force]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

New-AzNetworkWatcherFlowLog
   -Location <String>
   -Name <String>
   -TargetResourceId <String>
   -StorageId <String>
   -Enabled <Boolean>
   [-EnableRetention <Boolean>]
   [-RetentionPolicyDays <Int32>]
   [-FormatType <String>]
   [-FormatVersion <Int32>]
   [-EnableTrafficAnalytics]
   [-TrafficAnalyticsWorkspaceId <String>]
   [-TrafficAnalyticsInterval <Int32>]
   [-Tag <Hashtable>]
   [-Force]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The New-AzNetworkWatcherFlowLog command creates or updates a flow log resource for the specified network security group.

Examples

Example 1

PS C:\> New-AzNetworkWatcherFlowLog -Location eastus -Name pstest -TargetResourceId /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/MyFlowLog/providers/Microsoft.Network/networkSecurityGroups/MyNSG -StorageId /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/FlowLogsV2Demo/providers/Microsoft.Storage/storageAccounts/MyStorage -Enabled $true -EnableRetention $true -RetentionPolicyDays 5 -FormatVersion 2 -EnableTrafficAnalytics -TrafficAnalyticsWorkspaceId /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourcegroups/flowlogsv2demo/providers/Microsoft.OperationalInsights/workspaces/MyWorkspace

Name                       : pstest
Id                         : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NetworkWatcherRG/providers/Microsoft.Network/networkWatchers/NetworkWatcher_eastus/FlowLogs/pstest
Etag                       : W/"f6047360-d797-4ca6-a9ec-28b5aec5c768"
ProvisioningState          : Succeeded
Location                   : eastus
TargetResourceId           : /subscriptions/56abfbd6-ec72-4ce9-831f-bc2b6f2c5505/resourceGroups/MyFlowLog/providers/Microsoft.Network/networkSecurityGroups/MyNSG
StorageId                  : /subscriptions/56abfbd6-ec72-4ce9-831f-bc2b6f2c5505/resourceGroups/FlowLogsV2Demo/providers/Microsoft.Storage/storageAccounts/MySTorage
Enabled                    : True
RetentionPolicy            : {
                               "Days": 5,
                               "Enabled": true
                             }
Format                     : {
                               "Type": "JSON",
                               "Version": 2
                             }
FlowAnalyticsConfiguration : {
                               "networkWatcherFlowAnalyticsConfiguration": {
                                 "enabled": true,
                                 "workspaceId": "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb",
                                 "workspaceRegion": "eastus",
                                 "workspaceResourceId": "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourcegroups/flowlogsv2demo/providers/Microsoft.OperationalInsights/workspaces/MyWorkspace",
                                 "trafficAnalyticsInterval": 60
                               }
                             }

Example 2

PS C:\> New-AzNetworkWatcherFlowLog -Location eastus -Name pstest -TargetResourceId /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/MyFlowLog/providers/Microsoft.Network/networkSecurityGroups/MyNSG -StorageId /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/FlowLogsV2Demo/providers/Microsoft.Storage/storageAccounts/MyStorage -Enabled $false -EnableTrafficAnalytics:$false

To disable a flow log resource for which TrafficAnalytics is configured, you must disable TrafficAnalytics as well, as this example does.

Name                       : pstest
Id                         : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NetworkWatcherRG/providers/Microsoft.Network/networkWatchers/NetworkWatcher_eastus/FlowLogs/pstest
Etag                       : W/"f6047360-d797-4ca6-a9ec-28b5aec5c768"
ProvisioningState          : Succeeded
Location                   : eastus
TargetResourceId           : /subscriptions/56abfbd6-ec72-4ce9-831f-bc2b6f2c5505/resourceGroups/MyFlowLog/providers/Microsoft.Network/networkSecurityGroups/MyNSG
StorageId                  : /subscriptions/56abfbd6-ec72-4ce9-831f-bc2b6f2c5505/resourceGroups/FlowLogsV2Demo/providers/Microsoft.Storage/storageAccounts/MySTorage
Enabled                    : False
RetentionPolicy            : {
                               "Days": 0,
                               "Enabled": false
                             }
Format                     : {
                               "Type": "JSON",
                               "Version": 1
                             }
FlowAnalyticsConfiguration : {
                               "networkWatcherFlowAnalyticsConfiguration": {
                                 "enabled": false,
                                 "trafficAnalyticsInterval": 60
                               }
                             }
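
The following is an added example, not part of the original documentation: it applies the settings from Example 1 to every network security group in one region, and with -Disable it follows Example 2 by switching TrafficAnalytics off together with the flow log. The function name Set-NsgFlowLogging and the flow log naming scheme are hypothetical; the storage account and workspace resource IDs are supplied by the caller.

```powershell
# Added example: Set-NsgFlowLogging is a hypothetical helper, not part of Az.Network.
function Set-NsgFlowLogging {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $Location,
        [Parameter(Mandatory)] [string] $StorageId,
        [string] $WorkspaceId,   # Log Analytics workspace resource ID (optional)
        [switch] $Disable
    )
    # -Location names the network watcher's region, so only NSGs in that region are selected.
    $nsgs = Get-AzNetworkSecurityGroup | Where-Object { $_.Location -eq $Location }

    foreach ($nsg in $nsgs) {
        $params = @{
            Location         = $Location
            Name             = "flowlog-$($nsg.Name)"   # hypothetical naming scheme
            TargetResourceId = $nsg.Id
            StorageId        = $StorageId
            Enabled          = -not $Disable
            Force            = $true
        }
        if ($Disable) {
            # As in Example 2: TrafficAnalytics is disabled together with the flow log.
            $params.EnableTrafficAnalytics = $false
        }
        else {
            $params += @{ EnableRetention = $true; RetentionPolicyDays = 5; FormatType = 'JSON'; FormatVersion = 2 }
            if ($WorkspaceId) {
                $params += @{
                    EnableTrafficAnalytics      = $true
                    TrafficAnalyticsWorkspaceId = $WorkspaceId
                    TrafficAnalyticsInterval    = 60
                }
            }
        }

        if ($PSCmdlet.ShouldProcess($nsg.Id, 'Create or update flow log')) {
            $log = New-AzNetworkWatcherFlowLog @params
            # Report what was applied, using the properties shown in the example output.
            [pscustomobject]@{
                Nsg           = $nsg.Name
                Enabled       = $log.Enabled
                FormatVersion = $log.Format.Version
                RetentionDays = $log.RetentionPolicy.Days
            }
        }
    }
}
```

Running `Set-NsgFlowLogging -Location eastus -StorageId $storageId -WhatIf` lists the network security groups that would be changed without modifying any of them.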

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-Enabled

Flag to enable/disable flow logging.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-EnableRetention

Flag to enable/disable retention.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-EnableTrafficAnalytics

Flag to enable/disable TrafficAnalytics.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-Force

Do not ask for confirmation if you want to overwrite a resource.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-FormatType

The file type of flow log. The only supported value now is 'JSON'.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-FormatVersion

The version (revision) of the flow log.

Type:Int32
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-Location

Location of the network watcher.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-Name

The flow log name.

Type:String
Aliases:FlowLogName
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-NetworkWatcher

The network watcher resource.

Type:PSNetworkWatcher
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False

-NetworkWatcherName

The name of the network watcher.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-ResourceGroupName

The name of the network watcher resource group.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-RetentionPolicyDays

Number of days to retain flow log records.

Type:Int32
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-StorageId

ID of the storage account which is used to store the flow log.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-Tag

A hashtable which represents resource tags.

Type:Hashtable
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-TargetResourceId

ID of the network security group to which the flow log will be applied.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-TrafficAnalyticsInterval

The interval, in minutes, that determines how frequently the TA service performs flow analytics.

Type:Int32
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-TrafficAnalyticsWorkspaceId

Resource Id of the attached workspace.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Inputs

PSNetworkWatcher

Outputs

PSFlowLogResource