New-AzureRmPacketCaptureFilterConfig
Creates a new packet capture filter object.
Warning
The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.
Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.
Syntax
New-AzureRmPacketCaptureFilterConfig
[-Protocol <String>]
[-RemoteIPAddress <String>]
[-LocalIPAddress <String>]
[-LocalPort <String>]
[-RemotePort <String>]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Description
The New-AzureRmPacketCaptureFilterConfig cmdlet creates a new packet capture filter object. This object is used to restrict the type of packets that are captured during a packet capture session using the specified criteria. The New-AzureRmNetworkWatcherPacketCapture cmdlet can accept multiple filter objects to enable composable capture sessions.
Examples
Example 1: Create a Packet Capture with multiple filters
$nw = Get-AzurermResource | Where {$_.ResourceType -eq "Microsoft.Network/networkWatchers" -and $_.Location -eq "WestCentralUS" }
$networkWatcher = Get-AzureRmNetworkWatcher -Name $nw.Name -ResourceGroupName $nw.ResourceGroupName
$storageAccount = Get-AzureRmStorageAccount -ResourceGroupName contosoResourceGroup -Name contosostorage123
$filter1 = New-AzureRmPacketCaptureFilterConfig -Protocol TCP -RemoteIPAddress "1.1.1.1-255.255.255" -LocalIPAddress "10.0.0.3" -LocalPort "1-65535" -RemotePort "20;80;443"
$filter2 = New-AzureRmPacketCaptureFilterConfig -Protocol UDP
New-AzureRmNetworkWatcherPacketCapture -NetworkWatcher $networkWatcher -TargetVirtualMachineId $vm.Id -PacketCaptureName "PacketCaptureTest" -StorageAccountId $storageAccount.id -TimeLimitInSeconds 60 -Filters $filter1, $filter2In this example we create a packet capture named "PacketCaptureTest" with multiple filters and a time limit. Once the session is complete, it will be saved to the specified storage account. Note: The Azure Network Watcher extension must be installed on the target virtual machine to create packet captures.
Parameters
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure.
| Type: | IAzureContextContainer |
| Aliases: | AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LocalIPAddress
Specifies the Local IP Address to filter on. Example inputs: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range. "127.0.0.1;127.0.0.5;" for multiple entries.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-LocalPort
Specifies the Local IP Address to filter on. Example inputs: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range. "127.0.0.1;127.0.0.5;" for multiple entries.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Protocol
Specifies the Procotol to filter on. Acceptable values "TCP","UDP","Any"
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-RemoteIPAddress
Specifies the remote IP address to filter on. Example inputs: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range. "127.0.0.1;127.0.0.5;" for multiple entries.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-RemotePort
Specifies the Remote Port to filter on. Remote port Example inputs: "80" for single port entry. "80-85" for range. "80;443;" for multiple entries.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Inputs
Parameters: Protocol (ByValue)
Outputs
Notes
Keywords: azure, azurerm, arm, resource, management, manager, network, networking, watcher, packet, capture, traffic, filter
Related Links
- New-AzureRmNetworkWatcher
- Get-AzureRmNetworkWatcher
- Remove-AzureRmNetworkWatcher
- Get-AzureRmNetworkWatcherNextHop
- Get-AzureRmNetworkWatcherSecurityGroupView
- Get-AzureRmNetworkWatcherTopology
- Start-AzureRmNetworkWatcherResourceTroubleshooting
- New-AzureRmNetworkWatcherPacketCapture
- New-AzureRmPacketCaptureFilterConfig
- Get-AzureRmNetworkWatcherPacketCapture
- Remove-AzureRmNetworkWatcherPacketCapture
- Stop-AzureRmNetworkWatcherPacketCapture
- New-AzureRmNetworkWatcherProtocolConfiguration
- Test-AzureRmNetworkWatcherIPFlow
- Test-AzureRmNetworkWatcherConnectivity
- Stop-AzureRmNetworkWatcherConnectionMonitor
- Start-AzureRmNetworkWatcherConnectionMonitor
- Set-AzureRmNetworkWatcherConnectionMonitor
- Set-AzureRmNetworkWatcherConfigFlowLog
- Remove-AzureRmNetworkWatcherConnectionMonitor
- New-AzureRmNetworkWatcherConnectionMonitor
- Get-AzureRmNetworkWatcherTroubleshootingResult
- Get-AzureRMNetworkWatcherReachabilityReport
- Get-AzureRmNetworkWatcherReachabilityProvidersList
- Get-AzureRmNetworkWatcherFlowLogStatus
- Get-AzureRmNetworkWatcherConnectionMonitorReport
- Get-AzureRmNetworkWatcherConnectionMonitor