Set-AzNetworkWatcherConfigFlowLog
Configura el registro de flujos para un recurso de destino.
Syntax
Set-AzNetworkWatcherConfigFlowLog
-NetworkWatcher <PSNetworkWatcher>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-NetworkWatcher <PSNetworkWatcher>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-EnableTrafficAnalytics]
-Workspace <IOperationalInsightWorkspace>
[-TrafficAnalyticsInterval <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-NetworkWatcher <PSNetworkWatcher>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-EnableTrafficAnalytics]
-WorkspaceResourceId <String>
-WorkspaceGUID <String>
-WorkspaceLocation <String>
[-TrafficAnalyticsInterval <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-NetworkWatcherName <String>
-ResourceGroupName <String>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-EnableTrafficAnalytics]
-Workspace <IOperationalInsightWorkspace>
[-TrafficAnalyticsInterval <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-NetworkWatcherName <String>
-ResourceGroupName <String>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-EnableTrafficAnalytics]
-WorkspaceResourceId <String>
-WorkspaceGUID <String>
-WorkspaceLocation <String>
[-TrafficAnalyticsInterval <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-NetworkWatcherName <String>
-ResourceGroupName <String>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-Location <String>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-EnableTrafficAnalytics]
-Workspace <IOperationalInsightWorkspace>
[-TrafficAnalyticsInterval <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-Location <String>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-EnableTrafficAnalytics]
-WorkspaceResourceId <String>
-WorkspaceGUID <String>
-WorkspaceLocation <String>
[-TrafficAnalyticsInterval <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-Location <String>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Set-AzNetworkWatcherConfigFlowLog configura el registro de flujo para un recurso de destino. Entre las propiedades que se van a configurar se incluyen: si el registro de flujo está habilitado para el recurso proporcionado, la cuenta de almacenamiento configurada para enviar registros, el formato de registro de flujo y la directiva de retención para los registros. Actualmente, se admiten grupos de seguridad de red para el registro de flujos.
Ejemplos
Ejemplo 1: Configurar el registro de flujo para un grupo de seguridad de red especificado
$NW = Get-AzNetworkWatcher -ResourceGroupName NetworkWatcherRg -Name NetworkWatcher_westcentralus
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName NSGRG -Name appNSG
$storageId = "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123"
Set-AzNetworkWatcherConfigFlowLog -NetworkWatcher $NW -TargetResourceId $nsg.Id -EnableFlowLog $true -StorageAccountId $storageID
TargetResourceId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Network/networkSecurityGroups/appNSG
StorageId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123
Enabled : True
RetentionPolicy : {
"Days": 0,
"Enabled": false
}
Format : {
"Type ": "Json",
"Version": 1
}En este ejemplo se configura el estado de registro de flujo para un grupo de seguridad de red. En la respuesta, vemos que el grupo de seguridad de red especificado tiene habilitado el registro de flujo, el formato predeterminado y ningún conjunto de directivas de retención.
Ejemplo 2: Configurar el registro de flujo para un NSG especificado y establecer la versión del registro de flujo en 2.
$NW = Get-AzNetworkWatcher -ResourceGroupName NetworkWatcherRg -Name NetworkWatcher_westcentralus
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName NSGRG -Name appNSG
$storageId = "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123"
Set-AzNetworkWatcherConfigFlowLog -NetworkWatcher $NW -TargetResourceId $nsg.Id -EnableFlowLog $true -StorageAccountId $storageID -FormatVersion 2
TargetResourceId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Network/networkSecurityGroups/appNSG
StorageId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123
Enabled : True
RetentionPolicy : {
"Days": 0,
"Enabled": false
}
Format : {
"Type ": "Json",
"Version": 2
}En este ejemplo, se configura el registro de flujo en un grupo de seguridad de red (NSG) con los registros de la versión 2 especificados. En la respuesta, vemos que el grupo de seguridad de red especificado tiene habilitado el registro de flujo, se establece el formato y no hay ninguna directiva de retención configurada. Si la región no admite la versión especificada, Network Watcher escribirá la versión admitida predeterminada en la región.
Ejemplo 3: Configuración del registro de flujo y análisis de tráfico para un grupo de seguridad de red especificado
$NW = Get-AzNetworkWatcher -ResourceGroupName NetworkWatcherRg -Name NetworkWatcher_westcentralus
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName NSGRG -Name appNSG
$storageId = "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123"
$workspace = Get-AzOperationalInsightsWorkspace -Name WorkspaceName -ResourceGroupName WorkspaceRg
Set-AzNetworkWatcherConfigFlowLog -NetworkWatcher $NW -TargetResourceId $nsg.Id -EnableFlowLog $true -StorageAccountId $storageID -EnableTrafficAnalytics -Workspace $workspace -TrafficAnalyticsInterval 60
TargetResourceId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Network/networkSecurityGroups/appNSG
StorageId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123
Enabled : True
RetentionPolicy : {
"Days": 0,
"Enabled": false
}
Format : {
"Type ": "Json",
"Version": 1
}
FlowAnalyticsConfiguration : {
"networkWatcherFlowAnalyticsConfiguration": {
"enabled": true,
"workspaceId": "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb",
"workspaceRegion": "WorkspaceLocation",
"workspaceResourceId": "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourcegroups/WorkspaceRg/providers/microsoft.operationalinsights/workspaces/WorkspaceName",
"TrafficAnalyticsInterval": 60
}
}En este ejemplo se configura el estado de registro de flujo y Análisis de tráfico para un grupo de seguridad de red. En la respuesta, vemos que el grupo de seguridad de red especificado tiene habilitado el registro de flujo y Análisis de tráfico, el formato predeterminado y ningún conjunto de directivas de retención.
Ejemplo 4: Deshabilitar análisis de tráfico para un grupo de seguridad de red especificado con el registro de flujo y análisis de tráfico configurados
$NW = Get-AzNetworkWatcher -ResourceGroupName NetworkWatcherRg -Name NetworkWatcher_westcentralus
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName NSGRG -Name appNSG
$storageId = "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123"
$workspace = Get-AzOperationalInsightsWorkspace -Name WorkspaceName -ResourceGroupName WorkspaceRg
Set-AzNetworkWatcherConfigFlowLog -NetworkWatcher $NW -TargetResourceId $nsg.Id -EnableFlowLog $true -StorageAccountId $storageID -EnableTrafficAnalytics -Workspace $workspace -TrafficAnalyticsInterval 60
Set-AzNetworkWatcherConfigFlowLog -NetworkWatcher $NW -TargetResourceId $nsg.Id -EnableFlowLog $true -StorageAccountId $storageID -EnableTrafficAnalytics:$false -Workspace $workspace
TargetResourceId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Network/networkSecurityGroups/appNSG
StorageId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123
Enabled : True
RetentionPolicy : {
"Days": 0,
"Enabled": false
}
Format : {
"Type ": "Json",
"Version": 1
}
FlowAnalyticsConfiguration : {
"networkWatcherFlowAnalyticsConfiguration": {
"enabled": false,
"workspaceId": "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb",
"workspaceRegion": "WorkspaceLocation",
"workspaceResourceId": "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourcegroups/WorkspaceRg/providers/microsoft.operationalinsights/workspaces/WorkspaceName",
"TrafficAnalyticsInterval": 60
}
}En este ejemplo, deshabilitamos Análisis de tráfico para un grupo de seguridad de red que tiene el registro de flujo y Análisis de tráfico configurados anteriormente. En la respuesta, vemos que el grupo de seguridad de red especificado tiene habilitado el registro de flujo, pero Traffic Analytics está deshabilitado.
Parámetros
-AsJob
Ejecución del cmdlet en segundo plano
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Le solicita su confirmación antes de ejecutar el cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
Las credenciales, la cuenta, el inquilino y la suscripción que se usan para la comunicación con Azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-EnableFlowLog
Marca para habilitar o deshabilitar el registro de flujo.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-EnableRetention
Marca para habilitar o deshabilitar la retención.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-EnableTrafficAnalytics
Marca para habilitar o deshabilitar la retención.
| Type: | SwitchParameter |
| Aliases: | EnableTA |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-FormatType
Tipo de formato de registro de flujo.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-FormatVersion
Versión del formato del registro de flujo.
| Type: | Nullable<T>[Int32] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Location
Ubicación del monitor de red.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-NetworkWatcher
Recurso de Network Watcher.
| Type: | PSNetworkWatcher |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-NetworkWatcherName
Nombre de Network Watcher.
| Type: | String |
| Aliases: | Name |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ResourceGroupName
Nombre del grupo de recursos de Network Watcher.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-RetentionInDays
Número de días para conservar los registros de flujo.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-StorageAccountId
Identificador de la cuenta de almacenamiento que se usa para almacenar el registro de flujo.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-TargetResourceId
Identificador de recurso de destino.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-TrafficAnalyticsInterval
Obtiene o establece el intervalo (en minutos) que decidiría con qué frecuencia el servicio ta debe realizar análisis de flujo. Los valores admitidos son de 10 y 60 minutos.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Muestra lo que sucedería si se ejecutara el cmdlet. El cmdlet no se ejecuta.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Workspace
Objeto WS que se usa para almacenar los datos de análisis de tráfico.
| Type: | IOperationalInsightWorkspace |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-WorkspaceGUID
GUID del WS que se usa para almacenar los datos de análisis de tráfico.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-WorkspaceLocation
Región de Azure del WS que se usa para almacenar los datos de análisis de tráfico.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-WorkspaceResourceId
Suscripción del WS que se usa para almacenar los datos de análisis de tráfico.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Entradas
Nullable<T>[[System.Int32, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]]
Salidas
Notas
Palabras clave: azure, azurerm, arm, resource, management, manager, network, networking, watcher, flow, logs, flowlog, logging
Vínculos relacionados
- New-AzNetworkWatcher
- Get-AzNetworkWatcher
- Remove-AzNetworkWatcher
- Get-AzNetworkWatcherNextHop
- Get-AzNetworkWatcherSecurityGroupView
- Get-AzNetworkWatcherTopology
- Start-AzNetworkWatcherResourceTroubleshooting
- New-AzNetworkWatcherPacketCapture
- New-AzPacketCaptureFilterConfig
- Get-AzNetworkWatcherPacketCapture
- Remove-AzNetworkWatcherPacketCapture
- Stop-AzNetworkWatcherPacketCapture
- New-AzNetworkWatcherProtocolConfiguration
- Test-AzNetworkWatcherIPFlow
- Test-AzNetworkWatcher Conectar ivity
- Stop-AzNetworkWatcher Conectar ionMonitor
- Start-AzNetworkWatcher Conectar ionMonitor
- Set-AzNetworkWatcher Conectar ionMonitor
- Set-AzNetworkWatcherConfigFlowLog
- Remove-AzNetworkWatcher Conectar ionMonitor
- New-AzNetworkWatcher Conectar ionMonitor
- Get-AzNetworkWatcherTroubleshootingResult
- Get-AzNetworkWatcherReachabilityReport
- Get-AzNetworkWatcherReachabilityProvidersList
- Get-AzNetworkWatcherFlowLogStatus
- Get-AzNetworkWatcher Conectar ionMonitorReport
- Get-AzNetworkWatcher Conectar ionMonitor
Comentarios
Próximamente: A lo largo de 2024 iremos eliminando gradualmente GitHub Issues como mecanismo de comentarios sobre el contenido y lo sustituiremos por un nuevo sistema de comentarios. Para más información, vea: https://aka.ms/ContentUserFeedback.
Enviar y ver comentarios de