Enhancements to NSG flow logs (version 2) for Azure Network Watcher
Posted on Wednesday, February 20, 2019
Network security group (NSG) flow logs in Azure Network Watcher offer valuable information that help our customers audit their networks in the cloud. Enhancements to the flow logs (version 2) now include byte and packet counts and session state on a per-flow basis. The new metrics provide additional information that can help you better understand capacity utilization and maintain compliance on the network.
These enhancements to NSG flow logs are now available in all public cloud regions.
Traffic analytics, our cloud-based network analytics solution, has been upgraded to use the additional flow data that's available in NSG flow logs version 2. Version 1 continues to be available.
See related feedback from Azure customers
Packet and Byte Count in NSG Flow Logs completed
Adding packet and byte count to NSG flow logs would give it parity with a number of netFlow analysis tools. Analyzing flows by data transferred is much more useful than counting flows and provides much better insight into the network. While WireData may provide this additional data it is (1) not available everywhere, (2) provides data redundant to NSG Flow, and (3) requires agent to get the necessary data.Dave Medvitz