Set-AzNetworkWatcherConfigFlowLog
Mengonfigurasi pengelogan alur untuk sumber daya target.
Sintaks
Set-AzNetworkWatcherConfigFlowLog
-NetworkWatcher <PSNetworkWatcher>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-NetworkWatcher <PSNetworkWatcher>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-EnableTrafficAnalytics]
-Workspace <IOperationalInsightWorkspace>
[-TrafficAnalyticsInterval <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-NetworkWatcher <PSNetworkWatcher>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-EnableTrafficAnalytics]
-WorkspaceResourceId <String>
-WorkspaceGUID <String>
-WorkspaceLocation <String>
[-TrafficAnalyticsInterval <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-NetworkWatcherName <String>
-ResourceGroupName <String>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-EnableTrafficAnalytics]
-Workspace <IOperationalInsightWorkspace>
[-TrafficAnalyticsInterval <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-NetworkWatcherName <String>
-ResourceGroupName <String>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-EnableTrafficAnalytics]
-WorkspaceResourceId <String>
-WorkspaceGUID <String>
-WorkspaceLocation <String>
[-TrafficAnalyticsInterval <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-NetworkWatcherName <String>
-ResourceGroupName <String>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-Location <String>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-EnableTrafficAnalytics]
-Workspace <IOperationalInsightWorkspace>
[-TrafficAnalyticsInterval <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-Location <String>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-EnableTrafficAnalytics]
-WorkspaceResourceId <String>
-WorkspaceGUID <String>
-WorkspaceLocation <String>
[-TrafficAnalyticsInterval <Int32>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Set-AzNetworkWatcherConfigFlowLog
-Location <String>
-TargetResourceId <String>
-EnableFlowLog <Boolean>
-StorageAccountId <String>
[-EnableRetention <Boolean>]
[-RetentionInDays <Int32>]
[-FormatType <String>]
[-FormatVersion <Int32>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Deskripsi
Set-AzNetworkWatcherConfigFlowLog mengonfigurasi pengelogan alur untuk sumber daya target. Properti yang akan dikonfigurasi meliputi: apakah pengelogan alur diaktifkan atau tidak untuk sumber daya yang disediakan, akun penyimpanan yang dikonfigurasi untuk mengirim log, format pembuatan log alur, dan kebijakan retensi untuk log. Saat ini Kelompok Keamanan Jaringan didukung untuk pengelogan alur.
Contoh
Contoh 1: Mengonfigurasi Pengelogan Alur untuk NSG Tertentu
$NW = Get-AzNetworkWatcher -ResourceGroupName NetworkWatcherRg -Name NetworkWatcher_westcentralus
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName NSGRG -Name appNSG
$storageId = "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123"
Set-AzNetworkWatcherConfigFlowLog -NetworkWatcher $NW -TargetResourceId $nsg.Id -EnableFlowLog $true -StorageAccountId $storageID
TargetResourceId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Network/networkSecurityGroups/appNSG
StorageId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123
Enabled : True
RetentionPolicy : {
"Days": 0,
"Enabled": false
}
Format : {
"Type ": "Json",
"Version": 1
}Dalam contoh ini kami mengonfigurasi status pengelogan alur untuk Kelompok Keamanan Jaringan. Dalam responsnya, kita melihat NSG yang ditentukan mengaktifkan pengelogan alur, format default, dan tidak ada kebijakan penyimpanan yang ditetapkan.
Contoh 2: Konfigurasikan Pengelogan Alur untuk NSG tertentu dan atur versi pengelogan alur ke 2.
$NW = Get-AzNetworkWatcher -ResourceGroupName NetworkWatcherRg -Name NetworkWatcher_westcentralus
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName NSGRG -Name appNSG
$storageId = "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123"
Set-AzNetworkWatcherConfigFlowLog -NetworkWatcher $NW -TargetResourceId $nsg.Id -EnableFlowLog $true -StorageAccountId $storageID -FormatVersion 2
TargetResourceId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Network/networkSecurityGroups/appNSG
StorageId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123
Enabled : True
RetentionPolicy : {
"Days": 0,
"Enabled": false
}
Format : {
"Type ": "Json",
"Version": 2
}Dalam contoh ini, kami mengonfigurasi pengelogan alur pada Kelompok Keamanan Jaringan (NSG) dengan log versi 2 yang ditentukan. Dalam responsnya, kita melihat NSG yang ditentukan mengaktifkan pengelogan alur, format diatur, dan tidak ada kebijakan penyimpanan yang dikonfigurasi. Jika wilayah tidak mendukung versi yang Anda tentukan, Network Watcher akan menulis versi default yang didukung di wilayah tersebut.
Contoh 3: Mengonfigurasi Pengelogan Alur dan Analitik Lalu Lintas untuk NSG Tertentu
$NW = Get-AzNetworkWatcher -ResourceGroupName NetworkWatcherRg -Name NetworkWatcher_westcentralus
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName NSGRG -Name appNSG
$storageId = "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123"
$workspace = Get-AzOperationalInsightsWorkspace -Name WorkspaceName -ResourceGroupName WorkspaceRg
Set-AzNetworkWatcherConfigFlowLog -NetworkWatcher $NW -TargetResourceId $nsg.Id -EnableFlowLog $true -StorageAccountId $storageID -EnableTrafficAnalytics -Workspace $workspace -TrafficAnalyticsInterval 60
TargetResourceId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Network/networkSecurityGroups/appNSG
StorageId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123
Enabled : True
RetentionPolicy : {
"Days": 0,
"Enabled": false
}
Format : {
"Type ": "Json",
"Version": 1
}
FlowAnalyticsConfiguration : {
"networkWatcherFlowAnalyticsConfiguration": {
"enabled": true,
"workspaceId": "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb",
"workspaceRegion": "WorkspaceLocation",
"workspaceResourceId": "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourcegroups/WorkspaceRg/providers/microsoft.operationalinsights/workspaces/WorkspaceName",
"TrafficAnalyticsInterval": 60
}
}Dalam contoh ini, kami mengonfigurasi status pengelogan alur dan Analitik Lalu Lintas untuk Grup Keamanan Jaringan. Dalam respons, kita melihat NSG yang ditentukan memiliki pengelogan alur dan Analitik Lalu Lintas diaktifkan, format default, dan tidak ada kebijakan penyimpanan yang ditetapkan.
Contoh 4: Nonaktifkan Analitik Lalu Lintas untuk NSG Tertentu dengan Pengelogan Alur dan Analitik Lalu Lintas yang dikonfigurasi
$NW = Get-AzNetworkWatcher -ResourceGroupName NetworkWatcherRg -Name NetworkWatcher_westcentralus
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName NSGRG -Name appNSG
$storageId = "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123"
$workspace = Get-AzOperationalInsightsWorkspace -Name WorkspaceName -ResourceGroupName WorkspaceRg
Set-AzNetworkWatcherConfigFlowLog -NetworkWatcher $NW -TargetResourceId $nsg.Id -EnableFlowLog $true -StorageAccountId $storageID -EnableTrafficAnalytics -Workspace $workspace -TrafficAnalyticsInterval 60
Set-AzNetworkWatcherConfigFlowLog -NetworkWatcher $NW -TargetResourceId $nsg.Id -EnableFlowLog $true -StorageAccountId $storageID -EnableTrafficAnalytics:$false -Workspace $workspace
TargetResourceId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Network/networkSecurityGroups/appNSG
StorageId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123
Enabled : True
RetentionPolicy : {
"Days": 0,
"Enabled": false
}
Format : {
"Type ": "Json",
"Version": 1
}
FlowAnalyticsConfiguration : {
"networkWatcherFlowAnalyticsConfiguration": {
"enabled": false,
"workspaceId": "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb",
"workspaceRegion": "WorkspaceLocation",
"workspaceResourceId": "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourcegroups/WorkspaceRg/providers/microsoft.operationalinsights/workspaces/WorkspaceName",
"TrafficAnalyticsInterval": 60
}
}Dalam contoh ini, kami menonaktifkan Analitik Lalu Lintas untuk Grup Keamanan Jaringan yang memiliki pengelogan alur dan Analitik Lalu Lintas yang dikonfigurasi sebelumnya. Dalam respons, kita melihat NSG yang ditentukan telah mengaktifkan pengelogan alur tetapi Analitik Lalu Lintas dinonaktifkan.
Parameter
-AsJob
Jalankan cmdlet di latar belakang
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Meminta Anda mengonfirmasi sebelum menjalankan cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
Kredensial, akun, penyewa, dan langganan yang digunakan untuk komunikasi dengan azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-EnableFlowLog
Bendera untuk mengaktifkan/menonaktifkan pengelogan alur.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-EnableRetention
Bendera untuk mengaktifkan/menonaktifkan retensi.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-EnableTrafficAnalytics
Bendera untuk mengaktifkan/menonaktifkan retensi.
| Type: | SwitchParameter |
| Aliases: | EnableTA |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-FormatType
Jenis format log alur.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-FormatVersion
Versi format log alur.
| Type: | Nullable<T>[Int32] |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Location
Lokasi pengamat jaringan.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-NetworkWatcher
Sumber daya pengamat jaringan.
| Type: | PSNetworkWatcher |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-NetworkWatcherName
Nama pengamat jaringan.
| Type: | String |
| Aliases: | Name |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ResourceGroupName
Nama grup sumber daya pengamat jaringan.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-RetentionInDays
Jumlah hari untuk menyimpan rekaman log alur.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-StorageAccountId
ID akun penyimpanan yang digunakan untuk menyimpan log alur.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-TargetResourceId
ID sumber daya target.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-TrafficAnalyticsInterval
Mendapatkan atau mengatur interval (dalam menit) yang akan memutuskan seberapa sering layanan TA harus melakukan analitik alur. Nilai yang didukung adalah 10 dan 60 menit.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Menunjukkan apa yang akan terjadi jika cmdlet berjalan. Cmdlet tidak dijalankan.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Workspace
Objek WS yang digunakan untuk menyimpan data analitik lalu lintas.
| Type: | IOperationalInsightWorkspace |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-WorkspaceGUID
GUID WS yang digunakan untuk menyimpan data analitik lalu lintas.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-WorkspaceLocation
Wilayah Azure WS yang digunakan untuk menyimpan data analitik lalu lintas.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-WorkspaceResourceId
Langganan WS yang digunakan untuk menyimpan data analitik lalu lintas.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
Input
Nullable<T>[[System.Int32, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]]
Output
Catatan
Kata kunci: azure, azurerm, arm, sumber daya, manajemen, manajer, jaringan, jaringan, pengamat, alur, log, flowlog, pengelogan
Link Terkait
- New-AzNetworkWatcher
- Get-AzNetworkWatcher
- Remove-AzNetworkWatcher
- Get-AzNetworkWatcherNextHop
- Get-AzNetworkWatcherSecurityGroupView
- Get-AzNetworkWatcherTopology
- Start-AzNetworkWatcherResourceTroubleshooting
- New-AzNetworkWatcherPacketCapture
- New-AzPacketCaptureFilterConfig
- Get-AzNetworkWatcherPacketCapture
- Remove-AzNetworkWatcherPacketCapture
- Stop-AzNetworkWatcherPacketCapture
- New-AzNetworkWatcherProtocolConfiguration
- Test-AzNetworkWatcherIPFlow
- Test-AzNetworkWatcherConnectivity
- Stop-AzNetworkWatcherConnectionMonitor
- Start-AzNetworkWatcherConnectionMonitor
- Set-AzNetworkWatcherConnectionMonitor
- Set-AzNetworkWatcherConfigFlowLog
- Remove-AzNetworkWatcherConnectionMonitor
- New-AzNetworkWatcherConnectionMonitor
- Get-AzNetworkWatcherTroubleshootingResult
- Get-AzNetworkWatcherReachabilityReport
- Get-AzNetworkWatcherReachabilityProvidersList
- Get-AzNetworkWatcherFlowLogStatus
- Get-AzNetworkWatcherConnectionMonitorReport
- Get-AzNetworkWatcherConnectionMonitor
Saran dan Komentar
Kirim dan lihat umpan balik untuk