Azure Network Watcher Flow Log Builder

About This Tool

The Azure Network Watcher Flow Log Builder helps you configure NSG (Network Security Group) flow logs for network traffic analysis. Flow logs record information about IP traffic flowing through NSGs, which is essential for security monitoring, compliance auditing, and network troubleshooting. This tool guides you through configuring flow log settings, retention policies, traffic analytics integration, and storage destinations.

When to Use This Tool

• •Configure NSG flow logs for security monitoring to track allowed and denied network traffic across your Azure network.
• •Set up flow logs with Traffic Analytics integration for visualizing network traffic patterns and identifying anomalies.
• •Build flow log configurations with appropriate retention policies for compliance requirements like PCI-DSS or SOC 2.
• •Configure flow logs for troubleshooting network connectivity issues by capturing detailed traffic data for specific NSGs.

Frequently Asked Questions

What is the difference between NSG flow logs v1 and v2?

Version 1 logs include basic 5-tuple flow information (source/destination IP, port, protocol, and allow/deny). Version 2 adds byte and packet counts, flow state (begin, continuing, end), and throughput information. Version 2 is recommended for its richer data and Traffic Analytics compatibility.

What is Traffic Analytics?

Traffic Analytics is a cloud-based solution that processes NSG flow log data and provides visualization and analysis capabilities. It shows traffic patterns, top talkers, security threats, and network topology in the Azure portal. It requires a Log Analytics workspace and adds processing costs on top of flow log storage.