Create an Azure Network Watcher instance

Network Watcher is a regional service that enables you to monitor and diagnose conditions at a network scenario level in, to, and from Azure. Scenario level monitoring enables you to diagnose problems at an end to end network level view. Network diagnostic and visualization tools available with Network Watcher help you understand, diagnose, and gain insights to your network in Azure.

Note

As Network Watcher currently only supports CLI 1.0, the instructions to create a new Network Watcher instance is provided for CLI 1.0.

Create a Network Watcher in the portal

Navigate to More Services > Networking > Network Watcher. You can select all the subscriptions you want to enable Network Watcher for. This action creates a Network Watcher in every region that is available.

create a network watcher

When you enable Network Watcher using the Portal, the name of the Network Watcher instance will automatically be set to NetworkWatcher_region_name where region_name corresponds to the Azure Region where the instance was enabled. For example, a Network Watcher enabled in West Central US region will be named NetworkWatcher_westcentralus

Additionally, the Network Watcher instance will automatically be added into a Resource Group called NetworkWatcherRG. This Resource Group will be created if it does not already exist.

If you wish to customize the name of a Network Watcher instance and the Resource Group it's placed into, you can use Powershell, the REST API, or ARMClient methods described below. In each option, the Resource Group must exist before you place the Network Watcher into it.

Create a Network Watcher with PowerShell

To create an instance of Network Watcher, run the following example:

New-AzureRmNetworkWatcher -Name "NetworkWatcher_westcentralus" -ResourceGroupName "NetworkWatcherRG" -Location "West Central US"

Create a Network Watcher with the REST API

ARMclient is used to call the REST API using PowerShell. ARMClient is found on chocolatey at ARMClient on Chocolatey

Log in with ARMClient

armclient login

Create the network watcher

$subscriptionId = '<subscription id>'
$networkWatcherName = '<name of network watcher>'
$resourceGroupName = '<resource group name>'
$apiversion = "2016-09-01"
$requestBody = @"
{
'location': 'West Central US'
}
"@

armclient put "https://management.azure.com/subscriptions/${subscriptionId}/resourceGroups/${resourceGroupName}/providers/Microsoft.Network/networkWatchers/${networkWatcherName}?api-version=${api-version}" $requestBody

Next steps

Now that you have an instance of Network Watcher, learn about the features available:

Once a Network Watcher instance has been created, package capture can be configured by following the article: Create an alert triggered packet capture