NSG Flow Logs Traffic Analytics

Continue from

NSG Flow logs – e-lo: Ask the AI. (follow-e-lo.com)

So we have our VM, NSG and we are storing flow logs on a storage account as shown from above tutorial.

Now make a log analytics for the traffic analytics.

We have one rg with the logs, lets add it to that.:

done

If you need to edit the retention:

Now go to Network Watcher | Traffic Analytics

Now we can edit all the NSG that we have flow logs for with enable Traffic Analytics.

Press the NSG

Traffic Analytics provides rich analytics and visualization derived from flow logs and other Azure resources’ data. Drill through geo-map, easily figure out traffic hotspots and get insights into optimization possibilities.

Select the new log analytics and set intervall

And save it.

Give it a bit more then 1 h.

If you want to change the interval go to Network Watcher | Flow logs

And select your flow log to change.

It takes time, 20 min, 1 h, give it a day.

But when it is done, you get a lot here:

TRAFFIC DISTRIBUTION
View analytics of traffic flows across host, subnet, VNet and VMSS
units in Flows

APPLICATION PORTS
View analytics for application ports utilized across your environment
units in Flows

Maps and more