Network Watchers - Get Network Configuration Diagnostic

Referenz

Service:: Network Watcher

API Version:: 2023-09-01

Ruft Netzwerkkonfigurationsdiagnosedaten ab, die Kunden dabei helfen, das Netzwerkverhalten zu verstehen und zu debuggen. Sie enthält detaillierte Informationen dazu, welche Sicherheitsregeln auf einen angegebenen Datenverkehrsfluss angewendet wurden, und das Ergebnis der Auswertung dieser Regeln. Kunden müssen Details zu einem Flow angeben, z. B. Quelle, Ziel, Protokoll usw. Die API gibt zurück, ob Datenverkehr zugelassen oder verweigert wurde, die Für den angegebenen Flow ausgewerteten Regeln und die Auswertungsergebnisse.

POST https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/networkWatchers/{networkWatcherName}/networkConfigurationDiagnostic?api-version=2023-09-01

URI-Parameter

Name	In	Erforderlich	Typ	Beschreibung
networkWatcherName	path	True	string	Der Name des Network Watchers.
resourceGroupName	path	True	string	Der Name der Ressourcengruppe.
subscriptionId	path	True	string	Die Abonnementanmeldeinformationen, die das Microsoft Azure-Abonnement eindeutig identifizieren. Die Abonnement-ID ist Teil des URI für jeden Dienstaufruf.
api-version	query	True	string	Client-API-Version.

Anforderungstext

Name	Erforderlich	Typ	Beschreibung
profiles	True	NetworkConfigurationDiagnosticProfile[]	Liste der Diagnoseprofile für die Netzwerkkonfiguration.
targetResourceId	True	string	Die ID der Zielressource zum Ausführen der Netzwerkkonfigurationsdiagnose. Gültige Optionen sind VM, NetworkInterface, VMSS/NetworkInterface und Application Gateway.
verbosityLevel		VerbosityLevel	Ausführlichkeitsgrad.

Antworten

Name	Typ	Beschreibung
200 OK	NetworkConfigurationDiagnosticResponse	Anforderung erfolgreich. Der Vorgang gibt das Ergebnis der Netzwerkkonfigurationsdiagnose zurück.
202 Accepted	NetworkConfigurationDiagnosticResponse	Akzeptiert, und der Vorgang wird asynchron abgeschlossen.
Other Status Codes	ErrorResponse	Fehlerantwort mit Beschreibung des Grunds für den Fehler.

Sicherheit

azure_auth

Azure Active Directory OAuth2-Flow.

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Beschreibung
user_impersonation	Identitätswechsel Ihres Benutzerkontos

Beispiele

Network configuration diagnostic

Sample Request

POST https://management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkWatchers/nw1/networkConfigurationDiagnostic?api-version=2023-09-01

{
  "targetResourceId": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Compute/virtualMachines/vm1",
  "profiles": [
    {
      "direction": "Inbound",
      "protocol": "TCP",
      "source": "10.1.0.4",
      "destination": "12.11.12.14",
      "destinationPort": "12100"
    }
  ]
}


import com.azure.resourcemanager.network.models.Direction;
import com.azure.resourcemanager.network.models.NetworkConfigurationDiagnosticParameters;
import com.azure.resourcemanager.network.models.NetworkConfigurationDiagnosticProfile;
import java.util.Arrays;

/**
 * Samples for NetworkWatchers GetNetworkConfigurationDiagnostic.
 */
public final class Main {
    /*
     * x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/
     * NetworkWatcherNetworkConfigurationDiagnostic.json
     */
    /**
     * Sample code: Network configuration diagnostic.
     * 
     * @param azure The entry point for accessing resource management APIs in Azure.
     */
    public static void networkConfigurationDiagnostic(com.azure.resourcemanager.AzureResourceManager azure) {
        azure.networks().manager().serviceClient().getNetworkWatchers().getNetworkConfigurationDiagnostic("rg1", "nw1",
            new NetworkConfigurationDiagnosticParameters()
                .withTargetResourceId(
                    "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Compute/virtualMachines/vm1")
                .withProfiles(Arrays.asList(
                    new NetworkConfigurationDiagnosticProfile().withDirection(Direction.INBOUND).withProtocol("TCP")
                        .withSource("10.1.0.4").withDestination("12.11.12.14").withDestinationPort("12100"))),
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

from azure.identity import DefaultAzureCredential
from azure.mgmt.network import NetworkManagementClient

"""
# PREREQUISITES
    pip install azure-identity
    pip install azure-mgmt-network
# USAGE
    python network_watcher_network_configuration_diagnostic.py

    Before run the sample, please set the values of the client ID, tenant ID and client secret
    of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
    AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
    https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""


def main():
    client = NetworkManagementClient(
        credential=DefaultAzureCredential(),
        subscription_id="subid",
    )

    response = client.network_watchers.begin_get_network_configuration_diagnostic(
        resource_group_name="rg1",
        network_watcher_name="nw1",
        parameters={
            "profiles": [
                {
                    "destination": "12.11.12.14",
                    "destinationPort": "12100",
                    "direction": "Inbound",
                    "protocol": "TCP",
                    "source": "10.1.0.4",
                }
            ],
            "targetResourceId": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Compute/virtualMachines/vm1",
        },
    ).result()
    print(response)


# x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkWatcherNetworkConfigurationDiagnostic.json
if __name__ == "__main__":
    main()

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armnetwork_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v5"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/d4205894880b989ede35d62d97c8e901ed14fb5a/specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkWatcherNetworkConfigurationDiagnostic.json
func ExampleWatchersClient_BeginGetNetworkConfigurationDiagnostic() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armnetwork.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	poller, err := clientFactory.NewWatchersClient().BeginGetNetworkConfigurationDiagnostic(ctx, "rg1", "nw1", armnetwork.ConfigurationDiagnosticParameters{
		Profiles: []*armnetwork.ConfigurationDiagnosticProfile{
			{
				Destination:     to.Ptr("12.11.12.14"),
				DestinationPort: to.Ptr("12100"),
				Direction:       to.Ptr(armnetwork.DirectionInbound),
				Source:          to.Ptr("10.1.0.4"),
				Protocol:        to.Ptr("TCP"),
			}},
		TargetResourceID: to.Ptr("/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Compute/virtualMachines/vm1"),
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	res, err := poller.PollUntilDone(ctx, nil)
	if err != nil {
		log.Fatalf("failed to pull the result: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.ConfigurationDiagnosticResponse = armnetwork.ConfigurationDiagnosticResponse{
	// 	Results: []*armnetwork.ConfigurationDiagnosticResult{
	// 		{
	// 			NetworkSecurityGroupResult: &armnetwork.SecurityGroupResult{
	// 				EvaluatedNetworkSecurityGroups: []*armnetwork.EvaluatedNetworkSecurityGroup{
	// 					{
	// 						AppliedTo: to.Ptr("/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/virtualNetworks/vnet/subnets/AppSubnet"),
	// 						MatchedRule: &armnetwork.MatchedRule{
	// 							Action: to.Ptr("Allow"),
	// 							RuleName: to.Ptr("UserRule_fe_rule"),
	// 						},
	// 						NetworkSecurityGroupID: to.Ptr("/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/networkSecurityGroups/nsg1"),
	// 						RulesEvaluationResult: []*armnetwork.SecurityRulesEvaluationResult{
	// 							{
	// 								Name: to.Ptr("UserRule_Cleanuptool-Allow-100"),
	// 								DestinationMatched: to.Ptr(true),
	// 								DestinationPortMatched: to.Ptr(false),
	// 								ProtocolMatched: to.Ptr(true),
	// 								SourceMatched: to.Ptr(false),
	// 								SourcePortMatched: to.Ptr(true),
	// 							},
	// 							{
	// 								Name: to.Ptr("UserRule_Cleanuptool-Allow-101"),
	// 								DestinationMatched: to.Ptr(true),
	// 								DestinationPortMatched: to.Ptr(false),
	// 								ProtocolMatched: to.Ptr(true),
	// 								SourceMatched: to.Ptr(true),
	// 								SourcePortMatched: to.Ptr(true),
	// 							},
	// 							{
	// 								Name: to.Ptr("UserRule_Cleanuptool-Allow-102"),
	// 								DestinationMatched: to.Ptr(true),
	// 								DestinationPortMatched: to.Ptr(false),
	// 								ProtocolMatched: to.Ptr(true),
	// 								SourceMatched: to.Ptr(false),
	// 								SourcePortMatched: to.Ptr(true),
	// 							},
	// 							{
	// 								Name: to.Ptr("UserRule_Cleanuptool-Deny-103"),
	// 								DestinationMatched: to.Ptr(true),
	// 								DestinationPortMatched: to.Ptr(false),
	// 								ProtocolMatched: to.Ptr(true),
	// 								SourceMatched: to.Ptr(true),
	// 								SourcePortMatched: to.Ptr(true),
	// 							},
	// 							{
	// 								Name: to.Ptr("UserRule_fe_rule"),
	// 								DestinationMatched: to.Ptr(true),
	// 								DestinationPortMatched: to.Ptr(true),
	// 								ProtocolMatched: to.Ptr(true),
	// 								SourceMatched: to.Ptr(true),
	// 								SourcePortMatched: to.Ptr(true),
	// 						}},
	// 					},
	// 					{
	// 						AppliedTo: to.Ptr("/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/virtualNetworks/vnet/networkInterfaces/nic"),
	// 						MatchedRule: &armnetwork.MatchedRule{
	// 							Action: to.Ptr("Allow"),
	// 							RuleName: to.Ptr("UserRule_fe_rule"),
	// 						},
	// 						NetworkSecurityGroupID: to.Ptr("/subscriptions/61cc8a98-a8be-4bfe-a04e-0b461f93fe35/resourceGroups/NwRgCentralUSEUAP_copy/providers/Microsoft.Network/networkSecurityGroups/AppNSG"),
	// 						RulesEvaluationResult: []*armnetwork.SecurityRulesEvaluationResult{
	// 							{
	// 								Name: to.Ptr("UserRule_fe_rule"),
	// 								DestinationMatched: to.Ptr(true),
	// 								DestinationPortMatched: to.Ptr(true),
	// 								ProtocolMatched: to.Ptr(true),
	// 								SourceMatched: to.Ptr(true),
	// 								SourcePortMatched: to.Ptr(true),
	// 						}},
	// 				}},
	// 				SecurityRuleAccessResult: to.Ptr(armnetwork.SecurityRuleAccessAllow),
	// 			},
	// 			Profile: &armnetwork.ConfigurationDiagnosticProfile{
	// 				Destination: to.Ptr("12.11.12.14"),
	// 				DestinationPort: to.Ptr("12100"),
	// 				Direction: to.Ptr(armnetwork.DirectionInbound),
	// 				Source: to.Ptr("10.1.0.4"),
	// 				Protocol: to.Ptr("TCP"),
	// 			},
	// 	}},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { NetworkManagementClient } = require("@azure/arm-network");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets Network Configuration Diagnostic data to help customers understand and debug network behavior. It provides detailed information on what security rules were applied to a specified traffic flow and the result of evaluating these rules. Customers must provide details of a flow like source, destination, protocol, etc. The API returns whether traffic was allowed or denied, the rules evaluated for the specified flow and the evaluation results.
 *
 * @summary Gets Network Configuration Diagnostic data to help customers understand and debug network behavior. It provides detailed information on what security rules were applied to a specified traffic flow and the result of evaluating these rules. Customers must provide details of a flow like source, destination, protocol, etc. The API returns whether traffic was allowed or denied, the rules evaluated for the specified flow and the evaluation results.
 * x-ms-original-file: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkWatcherNetworkConfigurationDiagnostic.json
 */
async function networkConfigurationDiagnostic() {
  const subscriptionId = process.env["NETWORK_SUBSCRIPTION_ID"] || "subid";
  const resourceGroupName = process.env["NETWORK_RESOURCE_GROUP"] || "rg1";
  const networkWatcherName = "nw1";
  const parameters = {
    profiles: [
      {
        destination: "12.11.12.14",
        destinationPort: "12100",
        direction: "Inbound",
        source: "10.1.0.4",
        protocol: "TCP",
      },
    ],
    targetResourceId:
      "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Compute/virtualMachines/vm1",
  };
  const credential = new DefaultAzureCredential();
  const client = new NetworkManagementClient(credential, subscriptionId);
  const result = await client.networkWatchers.beginGetNetworkConfigurationDiagnosticAndWait(
    resourceGroupName,
    networkWatcherName,
    parameters,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Network;
using Azure.ResourceManager.Network.Models;
using Azure.ResourceManager.Resources;

// Generated from example definition: specification/network/resource-manager/Microsoft.Network/stable/2023-09-01/examples/NetworkWatcherNetworkConfigurationDiagnostic.json
// this example is just showing the usage of "NetworkWatchers_GetNetworkConfigurationDiagnostic" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this NetworkWatcherResource created on azure
// for more information of creating NetworkWatcherResource, please refer to the document of NetworkWatcherResource
string subscriptionId = "subid";
string resourceGroupName = "rg1";
string networkWatcherName = "nw1";
ResourceIdentifier networkWatcherResourceId = NetworkWatcherResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, networkWatcherName);
NetworkWatcherResource networkWatcher = client.GetNetworkWatcherResource(networkWatcherResourceId);

// invoke the operation
NetworkConfigurationDiagnosticContent content = new NetworkConfigurationDiagnosticContent(new ResourceIdentifier("/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Compute/virtualMachines/vm1"), new NetworkConfigurationDiagnosticProfile[]
{
new NetworkConfigurationDiagnosticProfile(NetworkTrafficDirection.Inbound,"TCP","10.1.0.4","12.11.12.14","12100")
});
ArmOperation<NetworkConfigurationDiagnosticResponse> lro = await networkWatcher.GetNetworkConfigurationDiagnosticAsync(WaitUntil.Completed, content);
NetworkConfigurationDiagnosticResponse result = lro.Value;

Console.WriteLine($"Succeeded: {result}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample Response

Status code:: 200

{
  "results": [
    {
      "profile": {
        "direction": "Inbound",
        "protocol": "TCP",
        "source": "10.1.0.4",
        "destination": "12.11.12.14",
        "destinationPort": "12100"
      },
      "networkSecurityGroupResult": {
        "securityRuleAccessResult": "Allow",
        "evaluatedNetworkSecurityGroups": [
          {
            "networkSecurityGroupId": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/networkSecurityGroups/nsg1",
            "appliedTo": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/virtualNetworks/vnet/subnets/AppSubnet",
            "matchedRule": {
              "ruleName": "UserRule_fe_rule",
              "action": "Allow"
            },
            "rulesEvaluationResult": [
              {
                "name": "UserRule_Cleanuptool-Allow-100",
                "protocolMatched": true,
                "sourceMatched": false,
                "sourcePortMatched": true,
                "destinationMatched": true,
                "destinationPortMatched": false
              },
              {
                "name": "UserRule_Cleanuptool-Allow-101",
                "protocolMatched": true,
                "sourceMatched": true,
                "sourcePortMatched": true,
                "destinationMatched": true,
                "destinationPortMatched": false
              },
              {
                "name": "UserRule_Cleanuptool-Allow-102",
                "protocolMatched": true,
                "sourceMatched": false,
                "sourcePortMatched": true,
                "destinationMatched": true,
                "destinationPortMatched": false
              },
              {
                "name": "UserRule_Cleanuptool-Deny-103",
                "protocolMatched": true,
                "sourceMatched": true,
                "sourcePortMatched": true,
                "destinationMatched": true,
                "destinationPortMatched": false
              },
              {
                "name": "UserRule_fe_rule",
                "protocolMatched": true,
                "sourceMatched": true,
                "sourcePortMatched": true,
                "destinationMatched": true,
                "destinationPortMatched": true
              }
            ]
          },
          {
            "networkSecurityGroupId": "/subscriptions/61cc8a98-a8be-4bfe-a04e-0b461f93fe35/resourceGroups/NwRgCentralUSEUAP_copy/providers/Microsoft.Network/networkSecurityGroups/AppNSG",
            "appliedTo": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/virtualNetworks/vnet/networkInterfaces/nic",
            "matchedRule": {
              "ruleName": "UserRule_fe_rule",
              "action": "Allow"
            },
            "rulesEvaluationResult": [
              {
                "name": "UserRule_fe_rule",
                "protocolMatched": true,
                "sourceMatched": true,
                "sourcePortMatched": true,
                "destinationMatched": true,
                "destinationPortMatched": true
              }
            ]
          }
        ]
      }
    }
  ]
}

Status code:: 202

Location: https:/management.azure.com/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/networkWatchers/nw1/networkConfigurationDiagnostic?api-version=2023-09-01

Response Body

{
  "results": [
    {
      "profile": {
        "direction": "Inbound",
        "protocol": "TCP",
        "source": "10.1.0.4",
        "destination": "12.11.12.14",
        "destinationPort": "12100"
      },
      "networkSecurityGroupResult": {
        "securityRuleAccessResult": "Allow",
        "evaluatedNetworkSecurityGroups": [
          {
            "networkSecurityGroupId": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/networkSecurityGroups/nsg1",
            "appliedTo": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/virtualNetworks/vnet/subnets/AppSubnet",
            "matchedRule": {
              "ruleName": "UserRule_fe_rule",
              "action": "Allow"
            },
            "rulesEvaluationResult": [
              {
                "name": "UserRule_Cleanuptool-Allow-100",
                "protocolMatched": true,
                "sourceMatched": false,
                "sourcePortMatched": true,
                "destinationMatched": true,
                "destinationPortMatched": false
              },
              {
                "name": "UserRule_Cleanuptool-Allow-101",
                "protocolMatched": true,
                "sourceMatched": true,
                "sourcePortMatched": true,
                "destinationMatched": true,
                "destinationPortMatched": false
              },
              {
                "name": "UserRule_Cleanuptool-Allow-102",
                "protocolMatched": true,
                "sourceMatched": false,
                "sourcePortMatched": true,
                "destinationMatched": true,
                "destinationPortMatched": false
              },
              {
                "name": "UserRule_Cleanuptool-Deny-103",
                "protocolMatched": true,
                "sourceMatched": true,
                "sourcePortMatched": true,
                "destinationMatched": true,
                "destinationPortMatched": false
              },
              {
                "name": "UserRule_fe_rule",
                "protocolMatched": true,
                "sourceMatched": true,
                "sourcePortMatched": true,
                "destinationMatched": true,
                "destinationPortMatched": true
              }
            ]
          },
          {
            "networkSecurityGroupId": "/subscriptions/61cc8a98-a8be-4bfe-a04e-0b461f93fe35/resourceGroups/NwRgCentralUSEUAP_copy/providers/Microsoft.Network/networkSecurityGroups/AppNSG",
            "appliedTo": "/subscriptions/subid/resourceGroups/rg2/providers/Microsoft.Network/virtualNetworks/vnet/networkInterfaces/nic",
            "matchedRule": {
              "ruleName": "UserRule_fe_rule",
              "action": "Allow"
            },
            "rulesEvaluationResult": [
              {
                "name": "UserRule_fe_rule",
                "protocolMatched": true,
                "sourceMatched": true,
                "sourcePortMatched": true,
                "destinationMatched": true,
                "destinationPortMatched": true
              }
            ]
          }
        ]
      }
    }
  ]
}

Definitionen

Name	Beschreibung
Direction	Die Richtung des Datenverkehrs.
ErrorDetails	Allgemeine Darstellung von Fehlerdetails.
ErrorResponse	Das Fehlerobjekt.
EvaluatedNetworkSecurityGroup	Ergebnisse der Auswertung von Netzwerksicherheitsgruppen.
MatchedRule	Übereinstimmungsregel.
NetworkConfigurationDiagnosticParameters	Parameter zum Abrufen der Netzwerkkonfigurationsdiagnose.
NetworkConfigurationDiagnosticProfile	Parameter, die mit der Netzwerkkonfiguration verglichen werden sollen.
NetworkConfigurationDiagnosticResponse	Ergebnisse der Netzwerkkonfigurationsdiagnose für die Zielressource.
NetworkConfigurationDiagnosticResult	Das Diagnoseergebnis der Netzwerkkonfiguration entsprach der bereitgestellten Datenverkehrsabfrage.
NetworkSecurityGroupResult	Das Diagnoseergebnis der Netzwerkkonfiguration entspricht der bereitgestellten Datenverkehrsabfrage.
NetworkSecurityRulesEvaluationResult	Auswertungsergebnis für Netzwerksicherheitsregeln.
SecurityRuleAccess	Gibt an, ob Netzwerkdatenverkehr zugelassen oder verweigert wird.
VerbosityLevel	Ausführlichkeitsgrad.

Direction

Die Richtung des Datenverkehrs.

Name	Typ	Beschreibung
Inbound	string
Outbound	string

ErrorDetails

Allgemeine Darstellung von Fehlerdetails.

Name	Typ	Beschreibung
code	string	Fehlercode
message	string	Fehlermeldung.
target	string	Fehlerziel.

ErrorResponse

Das Fehlerobjekt.

Name	Typ	Beschreibung
error	ErrorDetails	Fehler Das Fehlerdetails-Objekt.

EvaluatedNetworkSecurityGroup

Ergebnisse der Auswertung von Netzwerksicherheitsgruppen.

Name	Typ	Beschreibung
appliedTo	string	Ressourcen-ID der Nic oder des Subnetzes, auf die die Netzwerksicherheitsgruppe angewendet wird.
matchedRule	MatchedRule	Die entsprechende Netzwerksicherheitsregel.
networkSecurityGroupId	string	Die ID der Netzwerksicherheitsgruppe.
rulesEvaluationResult	NetworkSecurityRulesEvaluationResult[]	Die Liste mit den Auswertungsergebnissen für Netzwerksicherheitsregeln.

MatchedRule

Übereinstimmungsregel.

Name	Typ	Beschreibung
action	string	Der Netzwerkdatenverkehr wird zugelassen oder verweigert. Mögliche Werte sind "Allow" und "Deny".
ruleName	string	Der Name der entsprechenden Netzwerksicherheitsregel.

NetworkConfigurationDiagnosticParameters

Parameter zum Abrufen der Netzwerkkonfigurationsdiagnose.

Name	Typ	Beschreibung
profiles	NetworkConfigurationDiagnosticProfile[]	Liste der Diagnoseprofile für die Netzwerkkonfiguration.
targetResourceId	string	Die ID der Zielressource zum Ausführen der Netzwerkkonfigurationsdiagnose. Gültige Optionen sind VM, NetworkInterface, VMSS/NetworkInterface und Application Gateway.
verbosityLevel	VerbosityLevel	Ausführlichkeitsgrad.

NetworkConfigurationDiagnosticProfile

Parameter, die mit der Netzwerkkonfiguration verglichen werden sollen.

Name	Typ	Beschreibung
destination	string	Das Ziel für den Datenverkehr. Akzeptierte Werte sind: '*', IP-Adresse/CIDR, Diensttag.
destinationPort	string	Der Zielport für den Datenverkehr. Akzeptierte Werte sind "*" und ein einzelner Port im Bereich (0 bis 65535).
direction	Direction	Die Richtung des Datenverkehrs.
protocol	string	Zu überprüfende Protokoll. Akzeptierte Werte sind "*", TCP, UDP.
source	string	Die Datenverkehrsquelle. Akzeptierte Werte sind "*", IP-Adresse/CIDR, Diensttag.

NetworkConfigurationDiagnosticResponse

Ergebnisse der Netzwerkkonfigurationsdiagnose für die Zielressource.

Name	Typ	Beschreibung
results	NetworkConfigurationDiagnosticResult[]	Liste der Diagnoseergebnisse der Netzwerkkonfiguration.

NetworkConfigurationDiagnosticResult

Das Diagnoseergebnis der Netzwerkkonfiguration entsprach der bereitgestellten Datenverkehrsabfrage.

Name	Typ	Beschreibung
networkSecurityGroupResult	NetworkSecurityGroupResult	Das Ergebnis für Netzwerksicherheitsgruppen.
profile	NetworkConfigurationDiagnosticProfile	Das Profil der Netzwerkkonfigurationsdiagnose.

NetworkSecurityGroupResult

Das Diagnoseergebnis der Netzwerkkonfiguration entspricht der bereitgestellten Datenverkehrsabfrage.

Name	Typ	Beschreibung
evaluatedNetworkSecurityGroups	EvaluatedNetworkSecurityGroup[]	Die Liste der Diagnoseergebnisse für Netzwerksicherheitsgruppen.
securityRuleAccessResult	SecurityRuleAccess	Der Netzwerkdatenverkehr wird zugelassen oder verweigert.

NetworkSecurityRulesEvaluationResult

Auswertungsergebnis für Netzwerksicherheitsregeln.

Name	Typ	Beschreibung
destinationMatched	boolean	Wert, der angibt, ob das Ziel abgeglichen wird.
destinationPortMatched	boolean	Wert, der angibt, ob der Zielport abgeglichen wird.
name	string	Der Name der Netzwerksicherheitsregel.
protocolMatched	boolean	Wert, der angibt, ob das Protokoll übereinstimmt.
sourceMatched	boolean	Wert, der angibt, ob die Quelle übereinstimmt.
sourcePortMatched	boolean	Wert, der angibt, ob der Quellport übereinstimmt.

SecurityRuleAccess

Gibt an, ob Netzwerkdatenverkehr zugelassen oder verweigert wird.

Name	Typ	Beschreibung
Allow	string
Deny	string

VerbosityLevel

Ausführlichkeitsgrad.

Name	Typ	Beschreibung
Full	string
Minimum	string
Normal	string