What are the steps and the procedure for VNET peering to avoid bringing down the entire network?
Folks, I require some help and guidance to perform the VNET peering of my Azure VM, Azure SQL DBs and Web Apps Private Endpoint with the existing ExpressRoute VNET. My existing corporate network and the production data centre OnPremises are connected via…
Terraform module azurerm_network_watcher_flow_log - summary custom permissions needed for this module
Hello, i'm trying to deploy Terraform module azurerm_network_watcher_flow_log without owner, contributor, or network contributor roles at the subscription level (it's related to company limitations). What would be summary custom permissions for SPN so…
I want to check the NSG list through API. But it says there's a problem with the authority.
token request nsg list request response I don't know why this error occurs. Is the permission setting for calling NSG lists to API wrong? Please tell me how to set it up in detail.please.
Where can I check to see the reason behind Azure Network Watcher Traffic Analytics label of MaliciousFlow?
I have a flow labeled as MaliciousFlow, and I would like to find out more why it was labeled as such. I don't see how the traffic is particularly malicious other than it was probably on a blacklist at a point in time. But if I am going to tell my boss…
How to connect multiple on-prem vpn device with each other?
Hi, I want to know , if there is multiple on-prem scenarios like having different vpn devices in on-prem in different country, on that case what is the best way to connect each other and establish the connection.?
What are the things need to know about the azure networking ?
Hi, I would like to know, as a network engineer and Azure admin, what are the Azure networking things I need to know to connect on-prem to Azure or migrate on-prem to Azure. I want a list of all the Azure networking items that we need to know as an Azure…
What are the options for limiting inbound access from public IP to my Azure environment (External attacks), and what is the best practice?
My current project involves researching and exploring Azure Network security features I can leverage to make my existing environment more secure from external Public IP attacks. This is for the following items: Azure Web App Azure Virtual Machine -…
Enable Traffic Analytics in NSG flow log
Hi Team, Iam currently working on a process for creating NSG flow log with Traffic Analytics Enabled through bicep. When i have tested the pipeline i have received the below error "TAUserDoesNotHavePermissions: User does not have permissions to…
Should I enable diagnostics on an internal Load Balancer or NSG on the subnet to get info on IP Addresses that connect to an internal Load Balancer ?
Should I enable diagnostics on an internal Load Balancer or NSG on the subnet to get info on IP Addresses that connect to an internal Load Balancer ?
See all internet based traffic leaving azure natively - report
Hi, Does anyone know if it is possible or what type of report we can generate that will essentially show all internet-based traffic leaving Azure natively (not via the FortiGate FW’s etc.) - KQL? Thank you in advance!
Get details about NGS rule listed more than 90 days
I got alert about vulnerability check about NSG rule but that was created 90 days ago and not listed in logs or monitoring kql query, how to get NSG rules from created and active from past 1 year or more and who consume it using powershell or az cli or…
Deploy NSG flow logs through Bicep
Hi Team, Is there a way to deploy multiple NSG flow logs at the same time using Bicep. Also i need to use NetworkWatcherRG to a different RG but same subscription, is that possible?
Drill into azure network monitoring spikes for detail
I am doing some monitoring on a VMSS and i see regular network spikes at pretty consistent intervals. I'm using the "Network In Total (SUM)" metric. How can i get detail on these spikes and see what this might be?
Securing access to the Azure SQL Server Database via SSMS using Privatelink ?
My company already using the Azure Express route circuit to allow secure and quicker data access across the WAN. I am trying to secure access to my SQL database in Azure from my user laptop across the globe. Turn off the Public Endpoint for all SQL…
About How to take packet capture which including global ip address.
Hi All, I need take packet capture which including global ip address of Linux VM. If I taken capture using tcpdump on Linux VM, source and destination are local address of Linux VM. I would like to take capture which source and destination are glocal ip…
Resources were getting recreated each time I execute az cli command
I am trying to create resources with Az cli everytime if i deploy the change in template in file, all the resources were getting re created for each and every deployment. Please help me to resolve this issue Thanks! Errors: abhishek@xxxxx-abhishek…
I accidentally Deleted the Network Watcher RG in Microsoft Azure. How can I undo this decision?
I deleted the Network Watcher RG in Microsoft Azure and I'm having trouble re installing it. Any help on this matter is greatly appreciated.
KQL Query to match NSG Inbound Rules with other Resource Group NSG Inbound Rules.
Hello Team, I'm looking to create an Azure monitor alert to compare NSG Inbound Rules with other RG NSG Rules. If the Rules did not match then should be fired an alert. For the same, I enabled Diagnostic settings under both NSG and set the same Log…
Output of az account list-locations
Hi team, Following Azure_cis_2.0.0 - 6.6 Ensure that Network Watcher is 'Enabled' (Automated) , I'm trying to enable the Network Watcher for all the available regions for the subscription. When I'm running the command: az account list-locations I got 79…
Unable to create Network Watcher Connection Monitor
I am unable to create Network Watcher Connection Monitor. I tried in both CLI and the portal. Few points to note: All VMs used have the network watcher agent installed The subscription is registered with Microsoft.Operational Insights. In the…