New-AzNetworkWatcherPacketCaptureV2
V2 版本的封包擷取 Cmdlet 會建立新的封包擷取資源,並在 VM、VMSS 或少數 VMSS 實例上啟動封包擷取會話。
語法
New-AzNetworkWatcherPacketCaptureV2
-NetworkWatcher <PSNetworkWatcher>
-Name <String>
-TargetId <String>
[-StorageAccountId <String>]
[-StoragePath <String>]
[-LocalFilePath <String>]
[-BytesToCapturePerPacket <Int32>]
[-TotalBytesPerSession <UInt32>]
[-TimeLimitInSecond <Int32>]
[-Scope <PSPacketCaptureMachineScope>]
[-TargetType <String>]
[-Filter <PSPacketCaptureFilter[]>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzNetworkWatcherPacketCaptureV2
-NetworkWatcherName <String>
-ResourceGroupName <String>
-Name <String>
-TargetId <String>
[-StorageAccountId <String>]
[-StoragePath <String>]
[-LocalFilePath <String>]
[-BytesToCapturePerPacket <Int32>]
[-TotalBytesPerSession <UInt32>]
[-TimeLimitInSecond <Int32>]
[-Scope <PSPacketCaptureMachineScope>]
[-TargetType <String>]
[-Filter <PSPacketCaptureFilter[]>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-AzNetworkWatcherPacketCaptureV2
-Location <String>
-Name <String>
-TargetId <String>
[-StorageAccountId <String>]
[-StoragePath <String>]
[-LocalFilePath <String>]
[-BytesToCapturePerPacket <Int32>]
[-TotalBytesPerSession <UInt32>]
[-TimeLimitInSecond <Int32>]
[-Scope <PSPacketCaptureMachineScope>]
[-TargetType <String>]
[-Filter <PSPacketCaptureFilter[]>]
[-AsJob]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
New-AzNetworkWatcherPacketCaptureV2 Cmdlet 會建立新的封包擷取資源,並在 VM、VMSS 或少數 VMSS 實例上啟動封包擷取會話。 封包擷取會話的長度可以透過時間條件約束或大小條件約束來設定。 您也可以設定針對每個封包擷取的數據量。 篩選可以套用至指定的封包擷取會話,讓您自定義所擷取的封包類型。 篩選可以限制本機和遠端IP位址和位址範圍、本機和遠端埠和埠範圍的封包,以及要擷取的會話層級通訊協定。 篩選是可組合的,而且可以套用多個篩選,以提供擷取的粒度。
範例
範例 1:在 VM 上建立封包擷取
$nw = Get-AzResource | Where {$_.ResourceType -eq "Microsoft.Network/networkWatchers" -and $_.Location -eq "WestCentralUS" }
$networkWatcher = Get-AzNetworkWatcher -Name $nw.Name -ResourceGroupName $nw.ResourceGroupName
$storageAccount = Get-AzStorageAccount -ResourceGroupName contosoResourceGroup -Name contosostorage123
$filter1 = New-AzPacketCaptureFilterConfig -Protocol TCP -RemoteIPAddress "1.1.1.1-255.255.255" -LocalIPAddress "10.0.0.3" -LocalPort "1-65535" -RemotePort "20;80;443"
$filter2 = New-AzPacketCaptureFilterConfig -Protocol UDP
New-AzNetworkWatcherPacketCaptureV2 -NetworkWatcher $networkWatcher -TargetId $vm.Id -TargetType "azurevm" -Name "PacketCaptureTest" -StorageAccountId $storageAccount.id -TimeLimitInSecond 60 -Filter $filter1, $filter2
Name : PacketCaptureTest
Id : /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/NetworkWatcherRG/providers/Microsoft.Network/networkWatchers/NetworkWatcher_eastus/packetCaptures/PacketCaptureTest
Etag : W/"0b3c52cb-aa63-4647-93d3-3221c13ccdd2"
ProvisioningState : Succeeded
Target : /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contosoResourceGroup/providers/Microsoft.Compute/virtualMachines/SampleVM
TargetType : AzureVM
BytesToCapturePerPacket : 0
TotalBytesPerSession : 1073741824
TimeLimitInSeconds : 18000
StorageLocation : {
"StorageId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contosoResourceGroup/providers/Microsoft.Storage/storageAccounts/contosostorage123",
"StoragePath": "https://contosostorage123.blob.core.windows.net/network-watcher-logs/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/contosoResourceGroup/providers/microsoft.compute/virtualmachines/SampleVM/2022/07/21/packetcapture_09_20_07_166.cap"
}
Filters : [
{
"Protocol": "TCP",
"RemoteIPAddress": "1.1.1.1-255.255.255",
"LocalIPAddress": "10.0.0.3",
"LocalPort": "1-65535",
"RemotePort": "20;80;443"
},
{
"Protocol": "UDP",
"RemoteIPAddress": "",
"LocalIPAddress": "",
"LocalPort": "",
"RemotePort": ""
}
]
Scope : {
"Include": [],
"Exclude": []
}在此範例中,我們會使用多個篩選和時間限制來建立名為 “PacketCaptureTest” 的封包擷取。 工作階段完成後,它會儲存至指定的記憶體帳戶。 注意:Azure 網路監看員 擴充功能必須安裝在目標虛擬機上,才能建立封包擷取。
範例 2:在 VMSS 上建立封包擷取
$nw = Get-AzResource | Where {$_.ResourceType -eq "Microsoft.Network/networkWatchers" -and $_.Location -eq "WestCentralUS" }
$networkWatcher = Get-AzNetworkWatcher -Name $nw.Name -ResourceGroupName $nw.ResourceGroupName
$storageAccount = Get-AzStorageAccount -ResourceGroupName contosoResourceGroup -Name contosostorage123
$filter1 = New-AzPacketCaptureFilterConfig -Protocol TCP -RemoteIPAddress "1.1.1.1-255.255.255" -LocalIPAddress "10.0.0.3" -LocalPort "1-65535" -RemotePort "20;80;443"
$filter2 = New-AzPacketCaptureFilterConfig -Protocol UDP
New-AzNetworkWatcherPacketCaptureV2 -NetworkWatcher $networkWatcher -TargetId $vmss.Id -TargetType "azurevmss" -Name "PacketCaptureTest" -StorageAccountId $storageAccount.id -TimeLimitInSecond 60 -Filter $filter1, $filter2
Name : PacketCaptureTest
Id : /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/NetworkWatcherRG/providers/Microsoft.Network/networkWatchers/NetworkWatcher_eastus/packetCaptures/PacketCaptureTest
Etag : W/"0b3c52cb-aa63-4647-93d3-3221c13ccdd2"
ProvisioningState : Succeeded
Target : /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contosoResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/SampleVMSS
TargetType : AzureVMSS
BytesToCapturePerPacket : 0
TotalBytesPerSession : 1073741824
TimeLimitInSeconds : 60
StorageLocation : {
"StorageId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contosoResourceGroup/providers/Microsoft.Storage/storageAccounts/contosostorage123",
"StoragePath": "https://contosostorage123.blob.core.windows.net/network-watcher-logs/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/contosoResourceGroup/providers/microsoft.compute/virtualmachinescalesets/SampleVMSS/2022/07/21/packetcapture_09_20_07_166.cap"
}
Filters : [
{
"Protocol": "TCP",
"RemoteIPAddress": "1.1.1.1-255.255.255",
"LocalIPAddress": "10.0.0.3",
"LocalPort": "1-65535",
"RemotePort": "20;80;443"
},
{
"Protocol": "UDP",
"RemoteIPAddress": "",
"LocalIPAddress": "",
"LocalPort": "",
"RemotePort": ""
}
]
Scope : {
"Include": [],
"Exclude": []
}在此範例中,我們會使用多個篩選和時間限制來建立名為 “PacketCaptureTest” 的封包擷取。 工作階段完成後,它會儲存至指定的記憶體帳戶。 注意:Azure 網路監看員 擴充功能必須安裝在目標虛擬機擴展集上,以及遵守最新 vmss 模型的所有個別實例,才能建立封包擷取。
範例 3:在少數 VMSS 實例上建立封包擷取
$nw = Get-AzResource | Where {$_.ResourceType -eq "Microsoft.Network/networkWatchers" -and $_.Location -eq "WestCentralUS" }
$networkWatcher = Get-AzNetworkWatcher -Name $nw.Name -ResourceGroupName $nw.ResourceGroupName
$storageAccount = Get-AzStorageAccount -ResourceGroupName contosoResourceGroup -Name contosostorage123
$filter1 = New-AzPacketCaptureFilterConfig -Protocol TCP -RemoteIPAddress "1.1.1.1-255.255.255" -LocalIPAddress "10.0.0.3" -LocalPort "1-65535" -RemotePort "20;80;443"
$filter2 = New-AzPacketCaptureFilterConfig -Protocol UDP
$instance1 = $vmssInstance1.Name
$instance2 = $vmssInstance2.Name
$scope = New-AzPacketCaptureScopeConfig -Include $instance1, $instance2
New-AzNetworkWatcherPacketCaptureV2 -NetworkWatcher $networkWatcher -TargetId $vmss.Id -TargetType "azurevmss" -Scope $scope -Name "PacketCaptureTest" -StorageAccountId $storageAccount.id -TimeLimitInSecond 60 -Filter $filter1, $filter2
Name : PacketCaptureTest
Id : /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/NetworkWatcherRG/providers/Microsoft.Network/networkWatchers/NetworkWatcher_eastus/packetCaptures/PacketCaptureTest
Etag : W/"0b3c52cb-aa63-4647-93d3-3221c13ccdd2"
ProvisioningState : Succeeded
Target : /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contosoResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/SampleVMSS
TargetType : AzureVMSS
BytesToCapturePerPacket : 0
TotalBytesPerSession : 1073741824
TimeLimitInSeconds : 18000
StorageLocation : {
"StorageId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contosoResourceGroup/providers/Microsoft.Storage/storageAccounts/contosostorage123",
"StoragePath": "https://contosostorage123.blob.core.windows.net/network-watcher-logs/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/contosoResourceGroup/providers/microsoft.compute/virtualmachinescalesets/SampleVMSS/2022/07/21/packetcapture_09_20_07_166.cap"
}
Filters : [
{
"Protocol": "TCP",
"RemoteIPAddress": "1.1.1.1-255.255.255",
"LocalIPAddress": "10.0.0.3",
"LocalPort": "1-65535",
"RemotePort": "20;80;443"
},
{
"Protocol": "UDP",
"RemoteIPAddress": "",
"LocalIPAddress": "",
"LocalPort": "",
"RemotePort": ""
}
]
Scope : {
"Include": [
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contosoResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/SampleVMSS/virtualMachines/0",
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/contosoResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/SampleVMSS/virtualMachines/1"
],
"Exclude": []
}在此範例中,我們會使用多個篩選和時間限制來建立名為 “PacketCaptureTest” 的封包擷取。 工作階段完成後,它會儲存至指定的記憶體帳戶。 注意:Azure 網路監看員 擴充功能必須安裝在目標虛擬機擴展集上,以及包含符合最新 vmss 模型的範圍中的個別實例上,才能建立封包擷取。
參數
-AsJob
在背景執行 Cmdlet
| 類型: | SwitchParameter |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | False |
| 接受萬用字元: | False |
-BytesToCapturePerPacket
每個封包要擷取的位元組。
| 類型: | Nullable<T>[Int32] |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | True |
| 接受萬用字元: | False |
-Confirm
執行 Cmdlet 之前先提示您確認。
| 類型: | SwitchParameter |
| 別名: | cf |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | False |
| 接受萬用字元: | False |
-DefaultProfile
用於與 Azure 通訊的認證、帳戶、租用戶和訂用帳戶。
| 類型: | IAzureContextContainer |
| 別名: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | False |
| 接受萬用字元: | False |
-Filter
封包擷取會話的篩選條件。
| 類型: | PSPacketCaptureFilter[] |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | False |
| 接受萬用字元: | False |
-LocalFilePath
本機檔案路徑。
| 類型: | String |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | True |
| 接受萬用字元: | False |
-Location
網路監看員的位置。
| 類型: | String |
| Position: | Named |
| 預設值: | None |
| 必要: | True |
| 接受管線輸入: | False |
| 接受萬用字元: | False |
-Name
封包擷取名稱。
| 類型: | String |
| 別名: | PacketCaptureName |
| Position: | Named |
| 預設值: | None |
| 必要: | True |
| 接受管線輸入: | True |
| 接受萬用字元: | False |
-NetworkWatcher
網路監看員資源。
| 類型: | PSNetworkWatcher |
| Position: | Named |
| 預設值: | None |
| 必要: | True |
| 接受管線輸入: | True |
| 接受萬用字元: | False |
-NetworkWatcherName
網路監看員的名稱。
| 類型: | String |
| Position: | Named |
| 預設值: | None |
| 必要: | True |
| 接受管線輸入: | True |
| 接受萬用字元: | False |
-ResourceGroupName
網路監看員資源群組的名稱。
| 類型: | String |
| Position: | Named |
| 預設值: | None |
| 必要: | True |
| 接受管線輸入: | True |
| 接受萬用字元: | False |
-Scope
要包含或排除的 VMSS 實例範圍。
| 類型: | PSPacketCaptureMachineScope |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | False |
| 接受萬用字元: | False |
-StorageAccountId
記憶體帳戶標識碼。
| 類型: | String |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | True |
| 接受萬用字元: | False |
-StoragePath
記憶體路徑。
| 類型: | String |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | True |
| 接受萬用字元: | False |
-TargetId
目標虛擬機標識碼或虛擬機擴展集標識碼
| 類型: | String |
| Position: | Named |
| 預設值: | None |
| 必要: | True |
| 接受管線輸入: | True |
| 接受萬用字元: | False |
-TargetType
資源的目標類型。
| 類型: | String |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | False |
| 接受萬用字元: | False |
-TimeLimitInSecond
以秒為單位的時間限制。
| 類型: | Nullable<T>[Int32] |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | True |
| 接受萬用字元: | False |
-TotalBytesPerSession
每個工作階段的總位元組數。
| 類型: | Nullable<T>[UInt32] |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | True |
| 接受萬用字元: | False |
-WhatIf
顯示執行 Cmdlet 後會發生的情況。 未執行 Cmdlet。
| 類型: | SwitchParameter |
| 別名: | wi |
| Position: | Named |
| 預設值: | None |
| 必要: | False |
| 接受管線輸入: | False |
| 接受萬用字元: | False |
輸入
Nullable<T>[[System.Int32, System.Private.CoreLib, Version=6.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e]]
輸出
相關連結
- New-AzNetworkWatcher
- Get-AzNetworkWatcher
- Remove-AzNetworkWatcher
- Get-AzNetworkWatcherNextHop
- Get-AzNetworkWatcherSecurityGroupView
- Get-AzNetworkWatcherTopology
- Start-AzNetworkWatcherResourceTroubleshooting
- New-AzNetworkWatcherPacketCapture
- New-AzPacketCaptureFilterConfig
- New-AzNetworkWatcherPacketCapture
- Get-AzNetworkWatcherPacketCapture
- Remove-AzNetworkWatcherPacketCapture
- Stop-AzNetworkWatcherPacketCapture
- New-AzNetworkWatcherProtocolConfiguration
- Test-AzNetworkWatcherIPFlow
- Test-AzNetworkWatcherConnectivity
- Stop-AzNetworkWatcherConnectionMonitor
- Start-AzNetworkWatcherConnectionMonitor
- Set-AzNetworkWatcherConnectionMonitor
- Set-AzNetworkWatcherConfigFlowLog
- Remove-AzNetworkWatcherConnectionMonitor
- New-AzNetworkWatcherConnectionMonitor
- Get-AzNetworkWatcherTroubleshootingResult
- Get-AzNetworkWatcherReachabilityReport
- Get-AzNetworkWatcherReachabilityProvidersList
- Get-AzNetworkWatcherFlowLogStatus
- Get-AzNetworkWatcherConnectionMonitorReport
- Get-AzNetworkWatcherConnectionMonitor
