Azure Network Watcher: Blob storage path update for NSG flow logs

2017年7月15日

On Monday, July 31, 2017, the Azure Network Watcher team will begin rolling out a change to the blob format used for saving Network Security Group (NSG) flow logs to Azure Blob storage. This change is based on requests to increase the granularity for NSG flow logs. It does not affect the JSON schema for flow logs.

The new path format will include the network interface MAC address in the blob path. Although the format of NSG flow logs will not change, blobs will then contain only NSG logs for the network interface referenced in the MAC address by path. This enables you to selectively sort, filter, and process flow logs by MAC address.

Current path format:

“/insights-logsnetworksecuritygroupflowevent/resourceId=/SUBSCRIPTIONS/{subscriptionID}/RES OURCEGROUPS/{resourceGroupName}/PROVIDERS/MICROSOFT.NETWORK/NETWORKSECURITYG ROUPS/AUDITNSG/y={year}/m={month}/d={day}/h={hour}/m=00/PT1H.json”

Sample of current path format:

“/insights-logsnetworksecuritygroupflowevent/resourceId=/SUBSCRIPTIONS/00000000-0000-0000- 0000-000000000000/RESOURCEGROUPS/ContosoRG/PROVIDERS/MICROSOFT.NETWORK/NETWORKSEC URITYGROUPS/AUDITNSG/y=2017/m=07/d=12/h=02/m=00/PT1H.json”

Updated path format:

“/insights-logsnetworksecuritygroupflowevent/resourceId=/SUBSCRIPTIONS/{subscriptionID}/RES OURCEGROUPS/{resourceGroupName}/PROVIDERS/MICROSOFT.NETWORK/NETWORKSECURITYG ROUPS/AUDITNSG/y={year}/m={month}/d={day}/h={hour}/m=00/macAddress={macAddress}/PT1H.json”

Sample of updated path format:

“/insights-logsnetworksecuritygroupflowevent/resourceId=/SUBSCRIPTIONS/00000000-0000-0000- 0000- 000000000000/RESOURCEGROUPS/ContosoRG/PROVIDERS/MICROSOFT.NETWORK/NETWORKSEC URITYGROUPS/AUDITNSG/y=2017/m=07/d=31/h=02/m=00/macAddress=00125A011101/PT1H .json”

When this change takes effect, the NSGs that you have enabled for flow logs will begin writing flow logs by using the updated path format. This change will not affect your NSG flows being written to storage. Please ensure that any of your integrations or applications that use NSG flow logs comply with the updated blob path format. If you have any questions or concerns, contact AzureNetworkWatcher@microsoft.com.

免费帐户

现在注册即获得 $200 Azure 信用额度

免费开始

Visual Studio

订阅者每年可获得高达 $1800 的 Azure 服务

立即激活

初创企业

加入 BizSpark 计划并获得免费的 Azure 服务

了解更多