Network Watchers - Set Flow Log Configuration
Configures flow log and traffic analytics (optional) on a specified resource.
POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkWatchers/{networkWatcherName}/configureFlowLog?api-version=2024-05-01
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
network
|
path | True |
string |
The name of the network watcher resource. |
resource
|
path | True |
string |
The name of the network watcher resource group. |
subscription
|
path | True |
string |
The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call. |
api-version
|
query | True |
string |
Client API version. |
Request Body
Name | Required | Type | Description |
---|---|---|---|
properties.enabled | True |
boolean |
Flag to enable/disable flow logging. |
properties.storageId | True |
string |
ID of the storage account which is used to store the flow log. |
targetResourceId | True |
string |
The ID of the resource to configure for flow log and traffic analytics (optional) . |
flowAnalyticsConfiguration |
Parameters that define the configuration of traffic analytics. |
||
identity |
FlowLog resource Managed Identity |
||
properties.enabledFilteringCriteria |
string |
Optional field to filter network traffic logs based on SrcIP, SrcPort, DstIP, DstPort, Protocol, Encryption, Direction and Action. If not specified, all network traffic will be logged. |
|
properties.format |
Parameters that define the flow log format. |
||
properties.retentionPolicy |
Parameters that define the retention policy for flow log. |
Responses
Name | Type | Description |
---|---|---|
200 OK |
Successful request for setting flow log and traffic analytics (optional) configuration. |
|
202 Accepted |
Accepted and the operation will complete asynchronously. |
|
Other Status Codes |
Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
Configure flow log
Sample request
POST https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkWatchers/nw1/configureFlowLog?api-version=2024-05-01
{
"targetResourceId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nsg1",
"properties": {
"storageId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Storage/storageAccounts/st1",
"enabled": true
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/id1": {}
}
}
}
Sample response
{
"targetResourceId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nsg1",
"properties": {
"storageId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Storage/storageAccounts/st1",
"enabled": true
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/id1": {
"clientId": "c16d15e1-f60a-40e4-8a05-df3d3f655c14",
"principalId": "e3858881-e40c-43bd-9cde-88da39c05023"
}
}
}
}
Location: https:/management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkWatchers/nw1/configureFlowLog?api-version=2024-05-01
{
"targetResourceId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nsg1",
"properties": {
"storageId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Storage/storageAccounts/st1",
"enabled": true
},
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/id1": {
"clientId": "c16d15e1-f60a-40e4-8a05-df3d3f655c14",
"principalId": "e3858881-e40c-43bd-9cde-88da39c05023"
}
}
}
}
Definitions
Name | Description |
---|---|
Error |
Common error details representation. |
Error |
The error object. |
Flow |
Parameters that define the flow log format. |
Flow |
The file type of flow log. |
Flow |
Information on the configuration of flow log and traffic analytics (optional) . |
Managed |
Identity for the resource. |
Resource |
The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine. |
Retention |
Parameters that define the retention policy for flow log. |
Traffic |
Parameters that define the configuration of traffic analytics. |
Traffic |
Parameters that define the configuration of traffic analytics. |
User |
The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. |
ErrorDetails
Common error details representation.
Name | Type | Description |
---|---|---|
code |
string |
Error code. |
message |
string |
Error message. |
target |
string |
Error target. |
ErrorResponse
The error object.
Name | Type | Description |
---|---|---|
error |
Error |
FlowLogFormatParameters
Parameters that define the flow log format.
Name | Type | Default value | Description |
---|---|---|---|
type |
The file type of flow log. |
||
version |
integer |
0 |
The version (revision) of the flow log. |
FlowLogFormatType
The file type of flow log.
Name | Type | Description |
---|---|---|
JSON |
string |
FlowLogInformation
Information on the configuration of flow log and traffic analytics (optional) .
Name | Type | Description |
---|---|---|
flowAnalyticsConfiguration |
Parameters that define the configuration of traffic analytics. |
|
identity |
FlowLog resource Managed Identity |
|
properties.enabled |
boolean |
Flag to enable/disable flow logging. |
properties.enabledFilteringCriteria |
string |
Optional field to filter network traffic logs based on SrcIP, SrcPort, DstIP, DstPort, Protocol, Encryption, Direction and Action. If not specified, all network traffic will be logged. |
properties.format |
Parameters that define the flow log format. |
|
properties.retentionPolicy |
Parameters that define the retention policy for flow log. |
|
properties.storageId |
string |
ID of the storage account which is used to store the flow log. |
targetResourceId |
string |
The ID of the resource to configure for flow log and traffic analytics (optional) . |
ManagedServiceIdentity
Identity for the resource.
Name | Type | Description |
---|---|---|
principalId |
string |
The principal id of the system assigned identity. This property will only be provided for a system assigned identity. |
tenantId |
string |
The tenant id of the system assigned identity. This property will only be provided for a system assigned identity. |
type |
The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine. |
|
userAssignedIdentities |
The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. |
ResourceIdentityType
The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
Name | Type | Description |
---|---|---|
None |
string |
|
SystemAssigned |
string |
|
SystemAssigned, UserAssigned |
string |
|
UserAssigned |
string |
RetentionPolicyParameters
Parameters that define the retention policy for flow log.
Name | Type | Default value | Description |
---|---|---|---|
days |
integer |
0 |
Number of days to retain flow log records. |
enabled |
boolean |
False |
Flag to enable/disable retention. |
TrafficAnalyticsConfigurationProperties
Parameters that define the configuration of traffic analytics.
Name | Type | Description |
---|---|---|
enabled |
boolean |
Flag to enable/disable traffic analytics. |
trafficAnalyticsInterval |
integer |
The interval in minutes which would decide how frequently TA service should do flow analytics. |
workspaceId |
string |
The resource guid of the attached workspace. |
workspaceRegion |
string |
The location of the attached workspace. |
workspaceResourceId |
string |
Resource Id of the attached workspace. |
TrafficAnalyticsProperties
Parameters that define the configuration of traffic analytics.
Name | Type | Description |
---|---|---|
networkWatcherFlowAnalyticsConfiguration |
Parameters that define the configuration of traffic analytics. |
UserAssignedIdentities
The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
Name | Type | Description |
---|---|---|
|