Edit

Share via


Get-AzNetworkWatcherFlowLogStatus

Gets the status of flow logging on a resource.

Syntax

SetByResource (Default)

Get-AzNetworkWatcherFlowLogStatus
    -NetworkWatcher <PSNetworkWatcher>
    -TargetResourceId <String>
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

SetByName

Get-AzNetworkWatcherFlowLogStatus
    -NetworkWatcherName <String>
    -ResourceGroupName <String>
    -TargetResourceId <String>
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

SetByLocation

Get-AzNetworkWatcherFlowLogStatus
    -Location <String>
    -TargetResourceId <String>
    [-AsJob]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

Description

The Get-AzNetworkWatcherFlowLogStatus cmdlet Gets the status of flow logging on a resource. The status includes whether or not flow logging is enabled for the resource provided, the configured storage account to send logs, and the retention policy for the logs. Currently Network Security Groups are supported for flow logging.

Examples

Example 1: Get the Flow Logging Status for a Specified NSG

$NW = Get-AzNetworkWatcher -ResourceGroupName NetworkWatcherRg -Name NetworkWatcher_westcentralus
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName NSGRG -Name appNSG

Get-AzNetworkWatcherFlowLogStatus -NetworkWatcher $NW -TargetResourceId $nsg.Id
TargetResourceId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Network/networkSecurityGroups/appNSG
Properties       : {
                     "Enabled": true,
                     "RetentionPolicy": {
                       "Days": 0,
                       "Enabled": false
                     },
                     "StorageId": "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123"
                     "Format"         : {
                       "Type ": "Json",
                       "Version": 1
                     }
                   }

In this example we get the flow logging status for a Network Security Group. The specified NSG has flow logging enabled, default format, and no retention policy set.

Example 2: Get the Flow Logging and Traffic Analytics Status for a Specified NSG

$NW = Get-AzNetworkWatcher -ResourceGroupName NetworkWatcherRg -Name NetworkWatcher_westcentralus
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName NSGRG -Name appNSG

Get-AzNetworkWatcherFlowLogStatus -NetworkWatcher $NW -TargetResourceId $nsg.Id
TargetResourceId : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Network/networkSecurityGroups/appNSG
StorageId        : /subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourceGroups/NSGRG/providers/Microsoft.Storage/storageAccounts/contosostorageacct123
Enabled          : True
RetentionPolicy  : {
                     "Days": 0,
                     "Enabled": false
                   }
Format           : {
                     "Type ": "Json",
                     "Version": 1
                   }
FlowAnalyticsConfiguration : {
            "networkWatcherFlowAnalyticsConfiguration": {
              "enabled": true,
              "workspaceId": "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb",
              "workspaceRegion": "WorkspaceLocation",
              "workspaceResourceId": "/subscriptions/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb/resourcegroups/WorkspaceRg/providers/microsoft.operationalinsights/workspaces/WorkspaceName",
			  "TrafficAnalyticsInterval": 60
            }
          }

In this example we get the flow logging and Traffic Analytics status for a Network Security Group. The specified NSG has flow logging and Traffic Analytics enabled, default format and no retention policy set.

Parameters

-AsJob

Run cmdlet in the background

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Parameter properties

Type:IAzureContextContainer
Default value:None
Supports wildcards:False
DontShow:False
Aliases:AzContext, AzureRmContext, AzureCredential

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Location

Location of the network watcher.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

SetByLocation
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-NetworkWatcher

The network watcher resource.

Parameter properties

Type:PSNetworkWatcher
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

SetByResource
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False

-NetworkWatcherName

The name of network watcher.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False
Aliases:Name

Parameter sets

SetByName
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False

-ResourceGroupName

The name of the network watcher resource group.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

SetByName
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

-TargetResourceId

The target resource ID.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

PSNetworkWatcher

String

Outputs

PSFlowLog

Notes

Keywords: azure, azurerm, arm, resource, management, manager, network, networking, watcher, flow, logs, flowlog, logging