Share via

Microsoft.Network networkWatchers/flowLogs 2022-05-01

  • Article

Bicep resource definition

The networkWatchers/flowLogs resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/networkWatchers/flowLogs resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Network/networkWatchers/flowLogs@2022-05-01' = {
  location: 'string'
  name: 'string'
  properties: {
    enabled: bool
    flowAnalyticsConfiguration: {
      networkWatcherFlowAnalyticsConfiguration: {
        enabled: bool
        trafficAnalyticsInterval: int
        workspaceId: 'string'
        workspaceRegion: 'string'
        workspaceResourceId: 'string'
      }
    }
    format: {
      type: 'string'
      version: int
    }
    retentionPolicy: {
      days: int
      enabled: bool
    }
    storageId: 'string'
    targetResourceId: 'string'
  }
  tags: {
    {customized property}: 'string'
  }
}

Property values

FlowLogFormatParameters

Name Description Value
type The file type of flow log. 'JSON'
version The version (revision) of the flow log. int

FlowLogPropertiesFormat

Name Description Value
enabled Flag to enable/disable flow logging. bool
flowAnalyticsConfiguration Parameters that define the configuration of traffic analytics. TrafficAnalyticsProperties
format Parameters that define the flow log format. FlowLogFormatParameters
retentionPolicy Parameters that define the retention policy for flow log. RetentionPolicyParameters
storageId ID of the storage account which is used to store the flow log. string (required)
targetResourceId ID of network security group to which flow log will be applied. string (required)

Microsoft.Network/networkWatchers/flowLogs

Name Description Value
location Resource location. string
name The resource name string (required)
parent In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource.

For more information, see Child resource outside parent resource.		 Symbolic name for resource of type: networkWatchers
properties Properties of the flow log. FlowLogPropertiesFormat
tags Resource tags Dictionary of tag names and values. See Tags in templates

ResourceTags

Name Description Value

RetentionPolicyParameters

Name Description Value
days Number of days to retain flow log records. int
enabled Flag to enable/disable retention. bool

TrafficAnalyticsConfigurationProperties

Name Description Value
enabled Flag to enable/disable traffic analytics. bool
trafficAnalyticsInterval The interval in minutes which would decide how frequently TA service should do flow analytics. int
workspaceId The resource guid of the attached workspace. string
workspaceRegion The location of the attached workspace. string
workspaceResourceId Resource Id of the attached workspace. string

TrafficAnalyticsProperties

Name Description Value
networkWatcherFlowAnalyticsConfiguration Parameters that define the configuration of traffic analytics. TrafficAnalyticsConfigurationProperties

Quickstart samples

The following quickstart samples deploy this resource type.

Bicep File Description
Enable NSG Flow Logs This template create an NSG Flow Logs resource
NSG Flow Logs with traffic analytics This template creates a NSG Flow log on an existing NSG with traffic analytics

ARM template resource definition

The networkWatchers/flowLogs resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/networkWatchers/flowLogs resource, add the following JSON to your template.

{
  "type": "Microsoft.Network/networkWatchers/flowLogs",
  "apiVersion": "2022-05-01",
  "name": "string",
  "location": "string",
  "properties": {
    "enabled": "bool",
    "flowAnalyticsConfiguration": {
      "networkWatcherFlowAnalyticsConfiguration": {
        "enabled": "bool",
        "trafficAnalyticsInterval": "int",
        "workspaceId": "string",
        "workspaceRegion": "string",
        "workspaceResourceId": "string"
      }
    },
    "format": {
      "type": "string",
      "version": "int"
    },
    "retentionPolicy": {
      "days": "int",
      "enabled": "bool"
    },
    "storageId": "string",
    "targetResourceId": "string"
  },
  "tags": {
    "{customized property}": "string"
  }
}

Property values

FlowLogFormatParameters

Name Description Value
type The file type of flow log. 'JSON'
version The version (revision) of the flow log. int

FlowLogPropertiesFormat

Name Description Value
enabled Flag to enable/disable flow logging. bool
flowAnalyticsConfiguration Parameters that define the configuration of traffic analytics. TrafficAnalyticsProperties
format Parameters that define the flow log format. FlowLogFormatParameters
retentionPolicy Parameters that define the retention policy for flow log. RetentionPolicyParameters
storageId ID of the storage account which is used to store the flow log. string (required)
targetResourceId ID of network security group to which flow log will be applied. string (required)

Microsoft.Network/networkWatchers/flowLogs

Name Description Value
apiVersion The api version '2022-05-01'
location Resource location. string
name The resource name string (required)
properties Properties of the flow log. FlowLogPropertiesFormat
tags Resource tags Dictionary of tag names and values. See Tags in templates
type The resource type 'Microsoft.Network/networkWatchers/flowLogs'

ResourceTags

Name Description Value

RetentionPolicyParameters

Name Description Value
days Number of days to retain flow log records. int
enabled Flag to enable/disable retention. bool

TrafficAnalyticsConfigurationProperties

Name Description Value
enabled Flag to enable/disable traffic analytics. bool
trafficAnalyticsInterval The interval in minutes which would decide how frequently TA service should do flow analytics. int
workspaceId The resource guid of the attached workspace. string
workspaceRegion The location of the attached workspace. string
workspaceResourceId Resource Id of the attached workspace. string

TrafficAnalyticsProperties

Name Description Value
networkWatcherFlowAnalyticsConfiguration Parameters that define the configuration of traffic analytics. TrafficAnalyticsConfigurationProperties

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Enable NSG Flow Logs

Deploy to Azure		 This template create an NSG Flow Logs resource
NSG Flow Logs with traffic analytics

Deploy to Azure		 This template creates a NSG Flow log on an existing NSG with traffic analytics

Terraform (AzAPI provider) resource definition

The networkWatchers/flowLogs resource type can be deployed with operations that target:

  • Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Network/networkWatchers/flowLogs resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Network/networkWatchers/flowLogs@2022-05-01"
  name = "string"
  location = "string"
  body = jsonencode({
    properties = {
      enabled = bool
      flowAnalyticsConfiguration = {
        networkWatcherFlowAnalyticsConfiguration = {
          enabled = bool
          trafficAnalyticsInterval = int
          workspaceId = "string"
          workspaceRegion = "string"
          workspaceResourceId = "string"
        }
      }
      format = {
        type = "string"
        version = int
      }
      retentionPolicy = {
        days = int
        enabled = bool
      }
      storageId = "string"
      targetResourceId = "string"
    }
  })
  tags = {
    {customized property} = "string"
  }
}

Property values

FlowLogFormatParameters

Name Description Value
type The file type of flow log. 'JSON'
version The version (revision) of the flow log. int

FlowLogPropertiesFormat

Name Description Value
enabled Flag to enable/disable flow logging. bool
flowAnalyticsConfiguration Parameters that define the configuration of traffic analytics. TrafficAnalyticsProperties
format Parameters that define the flow log format. FlowLogFormatParameters
retentionPolicy Parameters that define the retention policy for flow log. RetentionPolicyParameters
storageId ID of the storage account which is used to store the flow log. string (required)
targetResourceId ID of network security group to which flow log will be applied. string (required)

Microsoft.Network/networkWatchers/flowLogs

Name Description Value
location Resource location. string
name The resource name string (required)
parent_id The ID of the resource that is the parent for this resource. ID for resource of type: networkWatchers
properties Properties of the flow log. FlowLogPropertiesFormat
tags Resource tags Dictionary of tag names and values.
type The resource type "Microsoft.Network/networkWatchers/flowLogs@2022-05-01"

ResourceTags

Name Description Value

RetentionPolicyParameters

Name Description Value
days Number of days to retain flow log records. int
enabled Flag to enable/disable retention. bool

TrafficAnalyticsConfigurationProperties

Name Description Value
enabled Flag to enable/disable traffic analytics. bool
trafficAnalyticsInterval The interval in minutes which would decide how frequently TA service should do flow analytics. int
workspaceId The resource guid of the attached workspace. string
workspaceRegion The location of the attached workspace. string
workspaceResourceId Resource Id of the attached workspace. string

TrafficAnalyticsProperties

Name Description Value
networkWatcherFlowAnalyticsConfiguration Parameters that define the configuration of traffic analytics. TrafficAnalyticsConfigurationProperties