Set-​Azure​Rm​Network​Watcher​Config​Flow​Log

Configures flow logging for a target resource.

Syntax

Set-AzureRmNetworkWatcherConfigFlowLog
   -EnableFlowLog <Boolean>
   [-EnableRetention <Boolean>]
   -NetworkWatcher <PSNetworkWatcher>
   [-RetentionInDays <Int32>]
   -StorageAccountId <String>
   -TargetResourceId <String>
   [-Confirm]
   [-WhatIf]
   [<CommonParameters>]
Set-AzureRmNetworkWatcherConfigFlowLog
   -EnableFlowLog <Boolean>
   [-EnableRetention <Boolean>]
   -NetworkWatcherName <String>
   -ResourceGroupName <String>
   [-RetentionInDays <Int32>]
   -StorageAccountId <String>
   -TargetResourceId <String>
   [-Confirm]
   [-WhatIf]
   [<CommonParameters>]

Description

The Set-AzureRmNetworkWatcherConfigFlowLog configures flow logging for a target resource. Properties to configure include: whether or not flow logging is enabled for the resource provided, the configured storage account to send logs, and the retention policy for the logs. Currently Network Security Groups are supported for flow logging.

Examples

--- Example 1: Configure Flow Logging for a Specified NSG ---

PS C:\> $NW = Get-AzurermNetworkWatcher -ResourceGroupName NetworkWatcherRg -Name NetworkWatcher_westcentralus
PS C:\> $nsg = Get-AzureRmNetworkSecurityGroup -ResourceGroupName NSGRG -Name appNSG
PS C:\> $storageId = "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123"
PS C:\> $storagePath = "https://contosostorageacct123.blob.core.windows.net/troubleshoot"


PS C:\>Start-AzureRmNetworkWatcherResourceTroubleshooting -NetworkWatcher $networkWatcher -TargetResourceId $target -StorageId $storageAccount.id -StoragePath $storagePath

TargetResourceId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Network/networkSecurityGroups/appNSG
Properties       : {
                     "Enabled": true,
                     "RetentionPolicy": {
                       "Days": 0,
                       "Enabled": false
                     },
                     "StorageId": "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123"
                   }

In this example we configure flow logging status for a Network Security Group. In the response, we see the specified NSG has flow logging enabled, and no retention policy set.

Required Parameters

-EnableFlowLog

Flag to enable/disable flow logging.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-NetworkWatcher

The network watcher resource.

Type:PSNetworkWatcher
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-NetworkWatcherName

The name of network watcher.

Type:String
Aliases:Name
Position:Named
Default value:None
Accept pipeline input:True (ByValue)
Accept wildcard characters:False
-ResourceGroupName

The name of the network watcher resource group.

Type:String
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-StorageAccountId

ID of the storage account which is used to store the flow log.

Type:String
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-TargetResourceId

The target resource ID.

Type:String
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False

Optional Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-EnableRetention

Flag to enable/disable retention.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-RetentionInDays

Number of days to retain flow log records.

Type:Int32
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Inputs

Microsoft.Azure.Commands.Network.Models.PSNetworkWatcher

System.String System.Boolean System.Int32

Outputs

Microsoft.Azure.Commands.Network.Models.PSFlowLog

Notes

Keywords: azure, azurerm, arm, resource, management, manager, network, networking, watcher, flow, logs, flowlog, logging