Enable Traffic Analytics in NSG flow log
Hi Team, Iam currently working on a process for creating NSG flow log with Traffic Analytics Enabled through bicep. When i have tested the pipeline i have received the below error "TAUserDoesNotHavePermissions: User does not have permissions to…
Should I enable diagnostics on an internal Load Balancer or NSG on the subnet to get info on IP Addresses that connect to an internal Load Balancer ?
Should I enable diagnostics on an internal Load Balancer or NSG on the subnet to get info on IP Addresses that connect to an internal Load Balancer ?
See all internet based traffic leaving azure natively - report
Hi, Does anyone know if it is possible or what type of report we can generate that will essentially show all internet-based traffic leaving Azure natively (not via the FortiGate FW’s etc.) - KQL? Thank you in advance!
Get details about NGS rule listed more than 90 days
I got alert about vulnerability check about NSG rule but that was created 90 days ago and not listed in logs or monitoring kql query, how to get NSG rules from created and active from past 1 year or more and who consume it using powershell or az cli or…
Deploy NSG flow logs through Bicep
Hi Team, Is there a way to deploy multiple NSG flow logs at the same time using Bicep. Also i need to use NetworkWatcherRG to a different RG but same subscription, is that possible?
Drill into azure network monitoring spikes for detail
I am doing some monitoring on a VMSS and i see regular network spikes at pretty consistent intervals. I'm using the "Network In Total (SUM)" metric. How can i get detail on these spikes and see what this might be?
Securing access to the Azure SQL Server Database via SSMS using Privatelink ?
My company already using the Azure Express route circuit to allow secure and quicker data access across the WAN. I am trying to secure access to my SQL database in Azure from my user laptop across the globe. Turn off the Public Endpoint for all SQL…
About How to take packet capture which including global ip address.
Hi All, I need take packet capture which including global ip address of Linux VM. If I taken capture using tcpdump on Linux VM, source and destination are local address of Linux VM. I would like to take capture which source and destination are glocal ip…
Resources were getting recreated each time I execute az cli command
I am trying to create resources with Az cli everytime if i deploy the change in template in file, all the resources were getting re created for each and every deployment. Please help me to resolve this issue Thanks! Errors: abhishek@xxxxx-abhishek…
I accidentally Deleted the Network Watcher RG in Microsoft Azure. How can I undo this decision?
I deleted the Network Watcher RG in Microsoft Azure and I'm having trouble re installing it. Any help on this matter is greatly appreciated.
KQL Query to match NSG Inbound Rules with other Resource Group NSG Inbound Rules.
Hello Team, I'm looking to create an Azure monitor alert to compare NSG Inbound Rules with other RG NSG Rules. If the Rules did not match then should be fired an alert. For the same, I enabled Diagnostic settings under both NSG and set the same Log…
Output of az account list-locations
Hi team, Following Azure_cis_2.0.0 - 6.6 Ensure that Network Watcher is 'Enabled' (Automated) , I'm trying to enable the Network Watcher for all the available regions for the subscription. When I'm running the command: az account list-locations I got 79…
Unable to create Network Watcher Connection Monitor
I am unable to create Network Watcher Connection Monitor. I tried in both CLI and the portal. Few points to note: All VMs used have the network watcher agent installed The subscription is registered with Microsoft.Operational Insights. In the…
How does NSG capture flows intra vnet traffic to different snet
Hey so I have a vnet with two snet. one snet is an app service vnet integrate for outbound traffic and a snet with private endpoints to sql server that host the app service database. While I have confirmed the NSG applied to both snet can deny the DB…
Azure Network Watcher에서 패킷 미러링 부분 문의드립니다. (Packet Mirroring in Azure Network Watcher.)
Azure Network Watcher 부분에서 패킷 캡쳐 기능을 써봤습니다. 근데 패킷 미러링 부분은 Virtual Network TAP를 써야 된다고 하던데 이건 현재 서비스 중지상태맞나여? 그럼 Network Watcher에서 패킷 캡쳐를 사용해서 미러링이 가능한 부분이 있을까여? -----------Translated below---------- I used the packet capture function in the Azure Network…
Verify service tags using network watcher
Hi, I have a requirement to verify customer environment for product deployment and as part of it I need to verify certain fqdn and service tags reachablility. I can use network watcher to verify fqdn connectivity but can I use network watcher for service…
Network watcher not showing resource groups
Hi, I have a network watcher setup in West Europe, I also have a RG and resources within it (VMs, VNET) in West Europe. But when I go to the topology view of the Network Watcher it doesn't allow me to see the resource group so I can't select it.
Packet Capture initiation fails with no error message
How do you troubleshoot why a packet capture isn't initializing when the error message is blank? I keep getting a Failed with Error message, but with no error information.
How to write powershell script to identify whether the Azure Virtual machine has Jumpbox or bastionhost or other private vms
How to write powershell script to identify if one VM has jumpbox connection or Bastion host or other private network VMs. The script output will tell that this VM has Jumpbox Connection etc.
I can't see the Netrowk Diagnostic Tools for my Network Watcher in Azure
I've been exploring Azure with the book Learn Azure in a Month of Lunchtimes Second Edition. In Chapter 12, there's an exercise to use a Network Watcher. I've followed the instructions correctly, as far as I can tell but I'm not seeing the options the…