Quickstart: Configure Azure Network Watcher NSG flow logs using a Bicep file
Article
In this quickstart, you learn how to enable NSG flow logs using a Bicep file.
Bicep is a domain-specific language (DSL) that uses declarative syntax to deploy Azure resources. It provides concise syntax, reliable type safety, and support for code reuse. Bicep offers the best authoring experience for your infrastructure-as-code solutions in Azure.
Prerequisites
An Azure account with an active subscription. If you don't have one, create a free account before you begin.
To deploy the Bicep files, either Azure CLI or PowerShell installed.
You can delete Azure resources using complete deployment mode. To delete a flow logs resource, specify a deployment in complete mode without including the resource you want to delete. Read more about complete deployment mode.
You also can disable an NSG flow log in the Azure portal:
Sign in to the Azure portal.
In the search box at the top of the portal, enter network watcher. Select Network Watcher from the search results.
Under Logs, select Flow logs.
In the list of flow logs, select the flow log that you want to disable.
Select Disable.
Related content
To learn how to visualize your NSG flow logs data, see:
Learn how to enable or disable Azure Network Watcher in your region by creating a Network Watcher instance using the Azure portal, PowerShell, the Azure CLI, REST API, or ARM template.
In this quickstart, you learn how to diagnose a virtual machine network traffic filter problem using Azure Network Watcher IP flow verify in Azure PowerShell.
Learn about NSG flow logs feature of Azure Network Watcher, which allows you to log information about IP traffic flowing through a network security group.