Skip to content

Commit 01c0d3d

Browse files
halkazwinihalkazwini
committed
correct json block format
1 parent ab640e0 commit 01c0d3d

File tree

1 file changed

+83
-16
lines changed

1 file changed

+83
-16
lines changed

articles/network-watcher/flow-logs-read.md

Lines changed: 83 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ author: halkazwini
66
ms.author: halkazwini
77
ms.service: network-watcher
88
ms.topic: how-to
9-
ms.date: 04/17/2024
9+
ms.date: 04/18/2024
1010
ms.custom: devx-track-azurepowershell
1111

1212
#CustomerIntent: As an Azure administrator, I want to read my flow logs using a PowerShell script so I can see the latest data.
@@ -273,23 +273,90 @@ The results of this value are shown in the following example:
273273
# [**NSG flow logs**](#tab/nsg)
274274

275275
```json
276+
{
277+
"records": [
276278
{
277-
"time": "2017-06-16T20:59:43.7340000Z",
278-
"systemId": "5f4d02d3-a7d0-4ed4-9ce8-c0ae9377951c",
279-
"category": "NetworkSecurityGroupFlowEvent",
280-
"resourceId": "/SUBSCRIPTIONS/00000000-0000-0000-0000-000000000000/RESOURCEGROUPS/CONTOSORG/PROVIDERS/MICROSOFT.NETWORK/NETWORKSECURITYGROUPS/CONTOSONSG",
281-
"operationName": "NetworkSecurityGroupFlowEvents",
282-
"properties": {"Version":1,"flows":[{"rule":"DefaultRule_AllowInternetOutBound","flows":[{"mac":"000D3A18077E","flowTuples":["1497646722,10.0.0.4,168.62.32.14,44904,443,T,O,A","1497646722,10.0.0.4,52.240.48.24,45218,443,T,O,A","1497646725,10.
283-
0.0.4,168.62.32.14,44910,443,T,O,A","1497646725,10.0.0.4,52.240.48.24,45224,443,T,O,A","1497646728,10.0.0.4,168.62.32.14,44916,443,T,O,A","1497646728,10.0.0.4,52.240.48.24,45230,443,T,O,A","1497646732,10.0.0.4,168.62.32.14,44922,443,T,O,A","14976
284-
46732,10.0.0.4,52.240.48.24,45236,443,T,O,A","1497646735,10.0.0.4,168.62.32.14,44928,443,T,O,A","1497646735,10.0.0.4,52.240.48.24,45242,443,T,O,A","1497646738,10.0.0.4,168.62.32.14,44934,443,T,O,A","1497646738,10.0.0.4,52.240.48.24,45248,443,T,O,
285-
A","1497646742,10.0.0.4,168.62.32.14,44942,443,T,O,A","1497646742,10.0.0.4,52.240.48.24,45256,443,T,O,A","1497646745,10.0.0.4,168.62.32.14,44948,443,T,O,A","1497646745,10.0.0.4,52.240.48.24,45262,443,T,O,A","1497646749,10.0.0.4,168.62.32.14,44954
286-
,443,T,O,A","1497646749,10.0.0.4,52.240.48.24,45268,443,T,O,A","1497646753,10.0.0.4,168.62.32.14,44960,443,T,O,A","1497646753,10.0.0.4,52.240.48.24,45274,443,T,O,A","1497646756,10.0.0.4,168.62.32.14,44966,443,T,O,A","1497646756,10.0.0.4,52.240.48
287-
.24,45280,443,T,O,A","1497646759,10.0.0.4,168.62.32.14,44972,443,T,O,A","1497646759,10.0.0.4,52.240.48.24,45286,443,T,O,A","1497646763,10.0.0.4,168.62.32.14,44978,443,T,O,A","1497646763,10.0.0.4,52.240.48.24,45292,443,T,O,A","1497646766,10.0.0.4,
288-
168.62.32.14,44984,443,T,O,A","1497646766,10.0.0.4,52.240.48.24,45298,443,T,O,A","1497646769,10.0.0.4,168.62.32.14,44990,443,T,O,A","1497646769,10.0.0.4,52.240.48.24,45304,443,T,O,A","1497646773,10.0.0.4,168.62.32.14,44996,443,T,O,A","1497646773,
289-
10.0.0.4,52.240.48.24,45310,443,T,O,A","1497646776,10.0.0.4,168.62.32.14,45002,443,T,O,A","1497646776,10.0.0.4,52.240.48.24,45316,443,T,O,A","1497646779,10.0.0.4,168.62.32.14,45008,443,T,O,A","1497646779,10.0.0.4,52.240.48.24,45322,443,T,O,A"]}]}
290-
,{"rule":"DefaultRule_DenyAllInBound","flows":[]},{"rule":"UserRule_ssh-rule","flows":[]},{"rule":"UserRule_web-rule","flows":[{"mac":"000D3A18077E","flowTuples":["1497646738,13.82.225.93,10.0.0.4,1180,80,T,I,A","1497646750,13.82.225.93,10.0.0.4,
291-
1184,80,T,I,A","1497646768,13.82.225.93,10.0.0.4,1181,80,T,I,A","1497646780,13.82.225.93,10.0.0.4,1336,80,T,I,A"]}]}]}
279+
"time": "2017-06-16T20:59:43.7340000Z",
280+
"systemId": "5f4d02d3-a7d0-4ed4-9ce8-c0ae9377951c",
281+
"category": "NetworkSecurityGroupFlowEvent",
282+
"resourceId": "/SUBSCRIPTIONS/00000000-0000-0000-0000-000000000000/RESOURCEGROUPS/CONTOSORG/PROVIDERS/MICROSOFT.NETWORK/NETWORKSECURITYGROUPS/CONTOSONSG",
283+
"operationName": "NetworkSecurityGroupFlowEvents",
284+
"properties": {
285+
"Version": 1,
286+
"flows": [
287+
{
288+
"rule": "DefaultRule_AllowInternetOutBound",
289+
"flows": [
290+
{
291+
"mac": "000D3A18077E",
292+
"flowTuples": [
293+
"1497646722,10.0.0.4,168.62.32.14,44904,443,T,O,A",
294+
"1497646722,10.0.0.4,52.240.48.24,45218,443,T,O,A",
295+
"1497646725,10.0.0.4,168.62.32.14,44910,443,T,O,A",
296+
"1497646725,10.0.0.4,52.240.48.24,45224,443,T,O,A",
297+
"1497646728,10.0.0.4,168.62.32.14,44916,443,T,O,A",
298+
"1497646728,10.0.0.4,52.240.48.24,45230,443,T,O,A",
299+
"1497646732,10.0.0.4,168.62.32.14,44922,443,T,O,A",
300+
"1497646732,10.0.0.4,52.240.48.24,45236,443,T,O,A",
301+
"1497646735,10.0.0.4,168.62.32.14,44928,443,T,O,A",
302+
"1497646735,10.0.0.4,52.240.48.24,45242,443,T,O,A",
303+
"1497646738,10.0.0.4,168.62.32.14,44934,443,T,O,A",
304+
"1497646738,10.0.0.4,52.240.48.24,45248,443,T,O,A",
305+
"1497646742,10.0.0.4,168.62.32.14,44942,443,T,O,A",
306+
"1497646742,10.0.0.4,52.240.48.24,45256,443,T,O,A",
307+
"1497646745,10.0.0.4,168.62.32.14,44948,443,T,O,A",
308+
"1497646745,10.0.0.4,52.240.48.24,45262,443,T,O,A",
309+
"1497646749,10.0.0.4,168.62.32.14,44954,443,T,O,A",
310+
"1497646749,10.0.0.4,52.240.48.24,45268,443,T,O,A",
311+
"1497646753,10.0.0.4,168.62.32.14,44960,443,T,O,A",
312+
"1497646753,10.0.0.4,52.240.48.24,45274,443,T,O,A",
313+
"1497646756,10.0.0.4,168.62.32.14,44966,443,T,O,A",
314+
"1497646756,10.0.0.4,52.240.48.24,45280,443,T,O,A",
315+
"1497646759,10.0.0.4,168.62.32.14,44972,443,T,O,A",
316+
"1497646759,10.0.0.4,52.240.48.24,45286,443,T,O,A",
317+
"1497646763,10.0.0.4,168.62.32.14,44978,443,T,O,A",
318+
"1497646763,10.0.0.4,52.240.48.24,45292,443,T,O,A",
319+
"1497646766,10.0.0.4,168.62.32.14,44984,443,T,O,A",
320+
"1497646766,10.0.0.4,52.240.48.24,45298,443,T,O,A",
321+
"1497646769,10.0.0.4,168.62.32.14,44990,443,T,O,A",
322+
"1497646769,10.0.0.4,52.240.48.24,45304,443,T,O,A",
323+
"1497646773,10.0.0.4,168.62.32.14,44996,443,T,O,A",
324+
"1497646773,10.0.0.4,52.240.48.24,45310,443,T,O,A",
325+
"1497646776,10.0.0.4,168.62.32.14,45002,443,T,O,A",
326+
"1497646776,10.0.0.4,52.240.48.24,45316,443,T,O,A",
327+
"1497646779,10.0.0.4,168.62.32.14,45008,443,T,O,A",
328+
"1497646779,10.0.0.4,52.240.48.24,45322,443,T,O,A"
329+
]
330+
}
331+
]
332+
},
333+
{
334+
"rule": "DefaultRule_DenyAllInBound",
335+
"flows": []
336+
},
337+
{
338+
"rule": "UserRule_ssh-rule",
339+
"flows": []
340+
},
341+
{
342+
"rule": "UserRule_web-rule",
343+
"flows": [
344+
{
345+
"mac": "000D3A18077E",
346+
"flowTuples": [
347+
"1497646738,13.82.225.93,10.0.0.4,1180,80,T,I,A",
348+
"1497646750,13.82.225.93,10.0.0.4,1184,80,T,I,A",
349+
"1497646768,13.82.225.93,10.0.0.4,1181,80,T,I,A",
350+
"1497646780,13.82.225.93,10.0.0.4,1336,80,T,I,A"
351+
]
352+
}
353+
]
354+
}
355+
]
356+
}
292357
}
358+
]
359+
}
293360
```
294361

295362
# [**VNet flow logs (preview)**](#tab/vnet)

0 commit comments

Comments
 (0)