共用方式為


Network Watchers - Set Flow Log Configuration

Configures flow log and traffic analytics (optional) on a specified resource.

POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkWatchers/{networkWatcherName}/configureFlowLog?api-version=2024-05-01

URI Parameters

Name In Required Type Description
networkWatcherName
path True

string

The name of the network watcher resource.

resourceGroupName
path True

string

The name of the network watcher resource group.

subscriptionId
path True

string

The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call.

api-version
query True

string

Client API version.

Request Body

Name Required Type Description
properties.enabled True

boolean

Flag to enable/disable flow logging.

properties.storageId True

string

ID of the storage account which is used to store the flow log.

targetResourceId True

string

The ID of the resource to configure for flow log and traffic analytics (optional) .

flowAnalyticsConfiguration

TrafficAnalyticsProperties

Parameters that define the configuration of traffic analytics.

identity

ManagedServiceIdentity

FlowLog resource Managed Identity

properties.enabledFilteringCriteria

string

Optional field to filter network traffic logs based on SrcIP, SrcPort, DstIP, DstPort, Protocol, Encryption, Direction and Action. If not specified, all network traffic will be logged.

properties.format

FlowLogFormatParameters

Parameters that define the flow log format.

properties.retentionPolicy

RetentionPolicyParameters

Parameters that define the retention policy for flow log.

Responses

Name Type Description
200 OK

FlowLogInformation

Successful request for setting flow log and traffic analytics (optional) configuration.

202 Accepted

FlowLogInformation

Accepted and the operation will complete asynchronously.

Other Status Codes

ErrorResponse

Error response describing why the operation failed.

Security

azure_auth

Azure Active Directory OAuth2 Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

Configure flow log

Sample request

POST https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkWatchers/nw1/configureFlowLog?api-version=2024-05-01

{
  "targetResourceId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nsg1",
  "properties": {
    "storageId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Storage/storageAccounts/st1",
    "enabled": true
  },
  "identity": {
    "type": "UserAssigned",
    "userAssignedIdentities": {
      "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/id1": {}
    }
  }
}

Sample response

{
  "targetResourceId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nsg1",
  "properties": {
    "storageId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Storage/storageAccounts/st1",
    "enabled": true
  },
  "identity": {
    "type": "UserAssigned",
    "userAssignedIdentities": {
      "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/id1": {
        "clientId": "c16d15e1-f60a-40e4-8a05-df3d3f655c14",
        "principalId": "e3858881-e40c-43bd-9cde-88da39c05023"
      }
    }
  }
}
Location: https:/management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkWatchers/nw1/configureFlowLog?api-version=2024-05-01
{
  "targetResourceId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nsg1",
  "properties": {
    "storageId": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Storage/storageAccounts/st1",
    "enabled": true
  },
  "identity": {
    "type": "UserAssigned",
    "userAssignedIdentities": {
      "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/id1": {
        "clientId": "c16d15e1-f60a-40e4-8a05-df3d3f655c14",
        "principalId": "e3858881-e40c-43bd-9cde-88da39c05023"
      }
    }
  }
}

Definitions

Name Description
ErrorDetails

Common error details representation.

ErrorResponse

The error object.

FlowLogFormatParameters

Parameters that define the flow log format.

FlowLogFormatType

The file type of flow log.

FlowLogInformation

Information on the configuration of flow log and traffic analytics (optional) .

ManagedServiceIdentity

Identity for the resource.

ResourceIdentityType

The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.

RetentionPolicyParameters

Parameters that define the retention policy for flow log.

TrafficAnalyticsConfigurationProperties

Parameters that define the configuration of traffic analytics.

TrafficAnalyticsProperties

Parameters that define the configuration of traffic analytics.

UserAssignedIdentities

The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

ErrorDetails

Common error details representation.

Name Type Description
code

string

Error code.

message

string

Error message.

target

string

Error target.

ErrorResponse

The error object.

Name Type Description
error

ErrorDetails

Error
The error details object.

FlowLogFormatParameters

Parameters that define the flow log format.

Name Type Default value Description
type

FlowLogFormatType

The file type of flow log.

version

integer

0

The version (revision) of the flow log.

FlowLogFormatType

The file type of flow log.

Name Type Description
JSON

string

FlowLogInformation

Information on the configuration of flow log and traffic analytics (optional) .

Name Type Description
flowAnalyticsConfiguration

TrafficAnalyticsProperties

Parameters that define the configuration of traffic analytics.

identity

ManagedServiceIdentity

FlowLog resource Managed Identity

properties.enabled

boolean

Flag to enable/disable flow logging.

properties.enabledFilteringCriteria

string

Optional field to filter network traffic logs based on SrcIP, SrcPort, DstIP, DstPort, Protocol, Encryption, Direction and Action. If not specified, all network traffic will be logged.

properties.format

FlowLogFormatParameters

Parameters that define the flow log format.

properties.retentionPolicy

RetentionPolicyParameters

Parameters that define the retention policy for flow log.

properties.storageId

string

ID of the storage account which is used to store the flow log.

targetResourceId

string

The ID of the resource to configure for flow log and traffic analytics (optional) .

ManagedServiceIdentity

Identity for the resource.

Name Type Description
principalId

string

The principal id of the system assigned identity. This property will only be provided for a system assigned identity.

tenantId

string

The tenant id of the system assigned identity. This property will only be provided for a system assigned identity.

type

ResourceIdentityType

The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.

userAssignedIdentities

UserAssignedIdentities

The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

ResourceIdentityType

The type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.

Name Type Description
None

string

SystemAssigned

string

SystemAssigned, UserAssigned

string

UserAssigned

string

RetentionPolicyParameters

Parameters that define the retention policy for flow log.

Name Type Default value Description
days

integer

0

Number of days to retain flow log records.

enabled

boolean

False

Flag to enable/disable retention.

TrafficAnalyticsConfigurationProperties

Parameters that define the configuration of traffic analytics.

Name Type Description
enabled

boolean

Flag to enable/disable traffic analytics.

trafficAnalyticsInterval

integer

The interval in minutes which would decide how frequently TA service should do flow analytics.

workspaceId

string

The resource guid of the attached workspace.

workspaceRegion

string

The location of the attached workspace.

workspaceResourceId

string

Resource Id of the attached workspace.

TrafficAnalyticsProperties

Parameters that define the configuration of traffic analytics.

Name Type Description
networkWatcherFlowAnalyticsConfiguration

TrafficAnalyticsConfigurationProperties

Parameters that define the configuration of traffic analytics.

UserAssignedIdentities

The list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.

Name Type Description