Create an Azure Network Watcher instance
Network Watcher is a regional service that enables you to monitor and diagnose conditions at a network scenario level in, to, and from Azure. Scenario level monitoring enables you to diagnose problems at an end to end network level view. Network diagnostic and visualization tools available with Network Watcher help you understand, diagnose, and gain insights to your network in Azure. Network Watcher is enabled through the creation of a Network Watcher resource. This resource allows you to utilize Network Watcher capabilities.
Network Watcher is automatically enabled
When you create or update a virtual network in your subscription, Network Watcher will be enabled automatically in your Virtual Network's region. Automatically enabling Network Watcher doesn't affect your resources or associated charge.
Opt-out of Network Watcher automatic enablement
If you would like to opt out of Network Watcher automatic enablement, you can do so by running the following commands:
Warning
Opting-out of Network Watcher automatic enablement is a permanent change. Once you opt-out, you cannot opt-in without contacting Azure support.
Register-AzProviderFeature -FeatureName DisableNetworkWatcherAutocreation -ProviderNamespace Microsoft.Network
Register-AzResourceProvider -ProviderNamespace Microsoft.Network
az feature register --name DisableNetworkWatcherAutocreation --namespace Microsoft.Network
az provider register -n Microsoft.Network
Prerequisites
- An Azure account with an active subscription. Create one for free.
Create a Network Watcher in the portal
Sign in to the Azure portal with an account that has the necessary permissions.
In the search box at the top of the portal, enter Network Watcher.
In the search results, select Network Watcher.
Select + Add.
In Add network watcher, select your Azure subscription, then select the region that you want to enable Azure Network Watcher for.
Select Add.
When you enable Network Watcher using the Azure portal, the name of the Network Watcher instance is automatically set to NetworkWatcher_region_name, where region_name corresponds to the Azure region of the Network Watcher instance. For example, a Network Watcher enabled in the East US region is named NetworkWatcher_eastus.
The Network Watcher instance is automatically created in a resource group named NetworkWatcherRG. The resource group is created if it doesn't already exist.
If you wish to customize the name of a Network Watcher instance and the resource group it's placed into, you can use PowerShell or REST API methods. In each option, the resource group must exist before you create a Network Watcher in it.
Create a Network Watcher using PowerShell
Use New-AzNetworkWatcher to create an instance of Network Watcher:
New-AzNetworkWatcher -Name NetworkWatcher_westus -ResourceGroupName NetworkWatcherRG -Location westus
Create a Network Watcher using the Azure CLI
Use az network watcher configure to create an instance of Network Watcher:
az network watcher configure --resource-group NetworkWatcherRG --locations westcentralus --enabled
Create a Network Watcher using the REST API
The ARMclient is used to call the REST API using PowerShell. The ARMClient is found on chocolatey at ARMClient on Chocolatey
Sign in with ARMClient
armclient login
Create the network watcher
$subscriptionId = '<subscription id>'
$networkWatcherName = '<name of network watcher>'
$resourceGroupName = '<resource group name>'
$apiversion = "2022-07-01"
$requestBody = @"
{
'location': 'West Central US'
}
"@
armclient put "https://management.azure.com/subscriptions/${subscriptionId}/resourceGroups/${resourceGroupName}/providers/Microsoft.Network/networkWatchers/${networkWatcherName}?api-version=${api-version}" $requestBody
Create a Network Watcher using Azure Quickstart Template
To create an instance of Network Watcher, refer to this Quickstart Template.
Delete a Network Watcher using the Azure portal
Sign in to the Azure portal with an account that has the necessary permissions.
In the search box at the top of the portal, enter Network Watcher.
In the search results, select Network Watcher.
In the Overview page, select the Network Watcher instances that you want to delete, then select Disable.
Enter yes, then select Delete.
Delete a Network Watcher using PowerShell
Use Remove-AzNetworkWatcher to delete an instance of Network Watcher:
Remove-AzNetworkWatcher -Name NetworkWatcher_westus -ResourceGroupName NetworkWatcherRG
Delete a Network Watcher using the Azure CLI
Use az network watcher configure to delete an instance of Network Watcher:
az network watcher configure --resource-group NetworkWatcherRG --locations westcentralus --enabled false
Next steps
Now that you have an instance of Network Watcher, learn about the available features:
Feedback
Submit and view feedback for