NSG flow logs overview – Azure Network Watcher | Microsoft Learn

Why use flow logs?
It’s vital to monitor, manage, and know your own network so that you can protect and optimize it. You need to know the current state of the network, who’s connecting, and where users are connecting from. You also need to know which ports are open to the internet, what network behavior is expected, what network behavior is irregular, and when sudden rises in traffic happen.

Flow logs are the source of truth for all network activity in your cloud environment. Whether you’re in a startup that’s trying to optimize resources or a large enterprise that’s trying to detect intrusion, flow logs can help. You can use them for optimizing network flows, monitoring throughput, verifying compliance, detecting intrusions, and more.

Create an rg

Go to network watchers

Flow logs create

Or go the the NSG

Select the NSG you want to monitor

Create a new storage account in the same rg, retention days is only available in gpv2.

Wait with Traffic Analytics

Ready

View storage account, wait until finished and then wait some more

NSG flow logs overview – Azure Network Watcher | Microsoft Learn

Visualize NSG flow logs using Network Watcher traffic analytics
Visualize NSG flow logs using Power BI
Visualize NSG flow logs using Elastic Stack
Manage and analyze NSG flow logs using Grafana
Manage and analyze NSG flow logs using Graylog

Tutorial: Log network traffic flow to and from a virtual machine – Azure Network Watcher | Microsoft Learn

View it in storage explorer

Or storage account

Container