Azure Network Watcher: Blob storage path update for NSG flow logs

samedi 15 juillet 2017

On Monday, July 31, 2017, the Azure Network Watcher team will begin rolling out a change to the blob format used for saving Network Security Group (NSG) flow logs to Azure Blob storage. This change is based on requests to increase the granularity for NSG flow logs. It does not affect the JSON schema for flow logs.

The new path format will include the network interface MAC address in the blob path. Although the format of NSG flow logs will not change, blobs will then contain only NSG logs for the network interface referenced in the MAC address by path. This enables you to selectively sort, filter, and process flow logs by MAC address.

Current path format:

“/insights-logsnetworksecuritygroupflowevent/resourceId=/SUBSCRIPTIONS/{subscriptionID}/RES OURCEGROUPS/{resourceGroupName}/PROVIDERS/MICROSOFT.NETWORK/NETWORKSECURITYG ROUPS/AUDITNSG/y={year}/m={month}/d={day}/h={hour}/m=00/PT1H.json”

Sample of current path format:

“/insights-logsnetworksecuritygroupflowevent/resourceId=/SUBSCRIPTIONS/00000000-0000-0000- 0000-000000000000/RESOURCEGROUPS/ContosoRG/PROVIDERS/MICROSOFT.NETWORK/NETWORKSEC URITYGROUPS/AUDITNSG/y=2017/m=07/d=12/h=02/m=00/PT1H.json”

Updated path format:

“/insights-logsnetworksecuritygroupflowevent/resourceId=/SUBSCRIPTIONS/{subscriptionID}/RES OURCEGROUPS/{resourceGroupName}/PROVIDERS/MICROSOFT.NETWORK/NETWORKSECURITYG ROUPS/AUDITNSG/y={year}/m={month}/d={day}/h={hour}/m=00/macAddress={macAddress}/PT1H.json”

Sample of updated path format:

“/insights-logsnetworksecuritygroupflowevent/resourceId=/SUBSCRIPTIONS/00000000-0000-0000- 0000- 000000000000/RESOURCEGROUPS/ContosoRG/PROVIDERS/MICROSOFT.NETWORK/NETWORKSEC URITYGROUPS/AUDITNSG/y=2017/m=07/d=31/h=02/m=00/macAddress=00125A011101/PT1H .json”

When this change takes effect, the NSGs that you have enabled for flow logs will begin writing flow logs by using the updated path format. This change will not affect your NSG flows being written to storage. Please ensure that any of your integrations or applications that use NSG flow logs comply with the updated blob path format. If you have any questions or concerns, contact AzureNetworkWatcher@microsoft.com.

Compte gratuit

Apprenez et créez avec un crédit de $200 et poursuivez gratuitement

Démarrez gratuitement

Visual Studio

Les abonnés obtiennent des crédits d’un montant de $1800 par an pour l’achat de services Azure

Activer maintenant

Start-ups

Rejoignez le programme BizSpark et bénéficiez des services Azure gratuits

En savoir plus.