We ran SSH between 2 VMs and were monitoring the flow logs. All we could see was records like these:
1621126416,10.3.0.4,10.2.0.4,42598,5201,T,I,A,B,,,,
We waited for a long time but did not see any records with C or E values in Flow State flag as those records have the byte counters.
Here's the doc describing v2 flow logs:https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-portal#view-flow-log
And here's the description of the flow state flag from that link:
Captures the state of the flow. Possible states are B: Begin, when a flow is created. Statistics aren't provided. C: Continuing for an ongoing flow. Statistics are provided at 5-minute intervals. E: End, when a flow is terminated. Statistics are provided.
Can you please let us know how can we get flow records with flow state flag as C and E.
