Merge pull request #272758 from halkazwini/nw-vnetflow

prmerger-automator[bot] · web-flow · commit 09c5d6dfe371 · 2024-04-24T14:26:44.000Z
VNet flow logs GA updates
diff --git a/articles/network-watcher/flow-logs-read.md b/articles/network-watcher/flow-logs-read.md
@@ -6,7 +6,7 @@ author: halkazwini
 ms.author: halkazwini
 ms.service: network-watcher
 ms.topic: how-to
-ms.date: 04/18/2024
+ms.date: 04/22/2024
 ms.custom: devx-track-azurepowershell
 
 #CustomerIntent: As an Azure administrator, I want to read my flow logs using a PowerShell script so I can see the latest data.
@@ -91,7 +91,7 @@ $CloudBlockBlob = Get-NSGFlowLogCloudBlockBlob -subscriptionId "yourSubscription
 $blockList = Get-NSGFlowLogBlockList -CloudBlockBlob $CloudBlockBlob
 ```
 
-# [**VNet flow logs (preview)**](#tab/vnet)
+# [**VNet flow logs**](#tab/vnet)
 
 The following PowerShell script sets up the variables needed to query the VNet flow log blob and list the blocks within the [CloudBlockBlob](/dotnet/api/microsoft.azure.storage.blob.cloudblockblob) block blob. Update the script to contain valid values for your environment.
 
@@ -218,7 +218,7 @@ function Get-NSGFlowLogReadBlock  {
 $valuearray = Get-NSGFlowLogReadBlock -blockList $blockList -CloudBlockBlob $CloudBlockBlob
 ```
 
-# [**VNet flow logs (preview)**](#tab/vnet)
+# [**VNet flow logs**](#tab/vnet)
 
 ```powershell
 function Get-VNetFlowLogReadBlock  {
@@ -333,7 +333,7 @@ The results of this value are shown in the following example:
 }
 ```
 
-# [**VNet flow logs (preview)**](#tab/vnet)
+# [**VNet flow logs**](#tab/vnet)
 
 ```json
 {
diff --git a/articles/network-watcher/network-watcher-overview.md b/articles/network-watcher/network-watcher-overview.md
@@ -5,7 +5,7 @@ author: halkazwini
 ms.author: halkazwini
 ms.service: network-watcher
 ms.topic: overview
-ms.date: 04/08/2024
+ms.date: 04/22/2024
 
 #CustomerIntent: As someone with basic Azure network experience, I want to understand how Azure Network Watcher can help me resolve some of the network-related problems I've encountered and provide insight into how I use Azure networking.
 ---
@@ -91,7 +91,7 @@ Network Watcher offers two traffic tools that help you log and visualize network
 
 **Flow logs** allows you to log information about your Azure IP traffic and stores the data in Azure storage. You can log IP traffic flowing through a network security group or Azure virtual network. For more information, see:
 - [NSG flow logs](nsg-flow-logs-overview.md) and [Manage NSG flow logs](nsg-flow-logs-portal.md).
-- [VNet flow logs (preview)](vnet-flow-logs-overview.md) and [Manage VNet flow logs](vnet-flow-logs-portal.md).
+- [VNet flow logs](vnet-flow-logs-overview.md) and [Manage VNet flow logs](vnet-flow-logs-portal.md).
 
 ### Traffic analytics
 
diff --git a/articles/network-watcher/nsg-flow-logs-migrate.md b/articles/network-watcher/nsg-flow-logs-migrate.md
@@ -6,7 +6,7 @@ author: halkazwini
 ms.author: halkazwini
 ms.service: network-watcher
 ms.topic: how-to
-ms.date: 04/18/2024
+ms.date: 04/22/2024
 
 #CustomerIntent: As an Azure administrator, I want to migrate my NSG flow logs to the new VNet flow logs so that I can use all the benefits of VNet flow logs, which overcome some of the NSG flow logs limitations..
 ---
@@ -15,9 +15,6 @@ ms.date: 04/18/2024
 
 In this article, you learn how to migrate your existing NSG flow logs to VNet flow logs. VNet flow logs overcome some of the limitations of NSG flow logs. For more information, see [VNet flow logs](vnet-flow-logs-overview.md).
 
-> [!IMPORTANT]
-> The VNet flow logs feature is currently in preview. This preview version is provided without a service-level agreement, and we don't recommend it for production workloads. Certain features might not be supported or might have constrained capabilities. For legal terms that apply to Azure features that are in beta, in preview, or otherwise not yet released into general availability, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
-
 ## Prerequisites
 
 - An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
diff --git a/articles/network-watcher/required-rbac-permissions.md b/articles/network-watcher/required-rbac-permissions.md
@@ -6,7 +6,7 @@ author: halkazwini
 ms.author: halkazwini
 ms.service: network-watcher
 ms.topic: concept-article
-ms.date: 11/27/2023
+ms.date: 04/22/2024
 
 #CustomerIntent: As an Azure administrator, I want to know the required Azure role-based access control (Azure RBAC) permissions to use each of the Network Watcher capabilities, so I can assign them correctly to users using any of those capabilities.
 ---
@@ -78,7 +78,7 @@ Since traffic analytics is enabled as part of the Flow log resource, the followi
 > | Microsoft.Insights/dataCollectionEndpoints/write <sup>1</sup>       | Create or update a data collection endpoint                    |
 > | Microsoft.Insights/dataCollectionEndpoints/delete <sup>1</sup>      | Delete a data collection endpoint                              |
 
-<sup>1</sup> Only required when using traffic analytics to analyze VNet flow logs (preview). For more information, see [Data collection rules in Azure Monitor](../azure-monitor/essentials/data-collection-rule-overview.md?toc=/azure/network-watcher/toc.json) and [Data collection endpoints in Azure Monitor](../azure-monitor/essentials/data-collection-endpoint-overview.md?toc=/azure/network-watcher/toc.json).
+<sup>1</sup> Only required when using traffic analytics to analyze VNet flow logs. For more information, see [Data collection rules in Azure Monitor](../azure-monitor/essentials/data-collection-rule-overview.md?toc=/azure/network-watcher/toc.json) and [Data collection endpoints in Azure Monitor](../azure-monitor/essentials/data-collection-endpoint-overview.md?toc=/azure/network-watcher/toc.json).
 
 > [!CAUTION]
 > Data collection rule and data collection endpoint resources are created and managed by traffic analytics. If you perform any operation on these resources, traffic analytics may not function as expected.
diff --git a/articles/network-watcher/traffic-analytics-schema.md b/articles/network-watcher/traffic-analytics-schema.md
@@ -6,7 +6,7 @@ author: halkazwini
 ms.author: halkazwini
 ms.service: network-watcher
 ms.topic: concept-article
-ms.date: 12/05/2023
+ms.date: 04/22/2024
 
 #CustomerIntent: As a administrator, I want learn about traffic analytics schema so I can easily use the queries and understand their output.
 ---
@@ -32,7 +32,7 @@ Traffic analytics is a cloud-based solution that provides visibility into user a
 - `FlowStartTime_t` field indicates the first occurrence of such an aggregated flow (same four-tuple) in the flow log processing interval between `FlowIntervalStartTime_t` and `FlowIntervalEndTime_t`.
 - For any resource in traffic analytics, the flows indicated in the Azure portal are total flows seen by the network security group, but in Azure Monitor logs, user sees only the single, reduced record. To see all the flows, use the `blob_id` field,  which can be referenced from storage. The total flow count for that record matches the individual flows seen in the blob.
 
-# [**VNet flow logs (preview)**](#tab/vnet)
+# [**VNet flow logs**](#tab/vnet)
 
 - All flow logs between `FlowIntervalStartTime` and `FlowIntervalEndTime` are captured at one-minute intervals as blobs in a storage account.
 - Default processing interval of traffic analytics is 60 minutes, meaning that every hour, traffic analytics picks blobs from the storage account for aggregation. However, if a processing interval of 10 minutes is selected, traffic analytics will instead pick blobs from the storage account every 10 minutes.
@@ -174,7 +174,7 @@ The following table lists the fields in the schema and what they signify for NSG
 > - Deprecated fields: `VMIP_s`, `Subscription_g`, `Region_s`, `NSGRules_s`, `Subnet_s`, `VM_s`, `NIC_s`, `PublicIPs_s`, `FlowCount_d`
 > - New fields: `SrcPublicIPs_s`, `DestPublicIPs_s`, `NSGRule_s`
 
-# [**VNet flow logs (preview)**](#tab/vnet)
+# [**VNet flow logs**](#tab/vnet)
 
 The following table lists the fields in the schema and what they signify for VNet flow logs.
 
@@ -271,7 +271,7 @@ The following table details public IP schema:
 | **ThreatDescription** | Description of the threat | **For Malicious IPs only**: Description of the threat posed by the malicious IP. |
 | **DNSDomain** | DNS domain | **For Malicious IPs only**: Domain name associated with this IP. |
 
-# [**VNet flow logs (preview)**](#tab/vnet)
+# [**VNet flow logs**](#tab/vnet)
 
 | Field | Format | Comments |
 | ----- | ------ | -------- |
diff --git a/articles/network-watcher/traffic-analytics.md b/articles/network-watcher/traffic-analytics.md
@@ -7,7 +7,7 @@ ms.author: halkazwini
 ms.service: network-watcher
 ms.topic: concept-article
 ms.reviewer: harshacs
-ms.date: 11/27/2023
+ms.date: 04/22/2024
 
 #CustomerIntent: As an Azure administrator, I want to use Traffic analytics to analyze Network Watcher flow logs so that I can view network activity, secure my networks, and optimize performance.
 ---
@@ -63,7 +63,7 @@ To use traffic analytics, you need the following components:
 
 - **Log Analytics workspace**: The environment that stores Azure Monitor log data that pertains to an Azure account. For more information about Log Analytics workspaces, see [Overview of Log Analytics workspace](../azure-monitor/logs/log-analytics-workspace-overview.md?toc=/azure/network-watcher/toc.json).
 
-- Additionally, you need a network security group enabled for flow logging if you're using traffic analytics to analyze [NSG flow logs](nsg-flow-logs-overview.md) or a virtual network enabled for flow logging if you're using traffic analytics to analyze [VNet flow logs (preview)](vnet-flow-logs-overview.md):
+- Additionally, you need a network security group enabled for flow logging if you're using traffic analytics to analyze [NSG flow logs](nsg-flow-logs-overview.md) or a virtual network enabled for flow logging if you're using traffic analytics to analyze [VNet flow logs](vnet-flow-logs-overview.md):
 
     - **Network security group (NSG)**: A resource that contains a list of security rules that allow or deny network traffic to or from resources that are connected to an Azure virtual network. Network security groups can be associated with subnets, network interfaces (NICs) that are attached to VMs (Resource Manager), or individual VMs (classic). For more information, see [Network security group overview](../virtual-network/network-security-groups-overview.md?toc=/azure/network-watcher/toc.json).
     
@@ -78,7 +78,7 @@ To use traffic analytics, you need the following components:
     
     - **Virtual network (VNet)**: A resource that enables many types of Azure resources to securely communicate with each other, the internet, and on-premises networks. For more information, see [Virtual network overview](../virtual-network/virtual-networks-overview.md?toc=/azure/network-watcher/toc.json).
     
-    - **VNet flow logs (preview)**: Recorded information about ingress and egress IP traffic through a virtual network. VNet flow logs are written in JSON format and include:
+    - **VNet flow logs**: Recorded information about ingress and egress IP traffic through a virtual network. VNet flow logs are written in JSON format and include:
     
       - Outbound and inbound flows.
       - Information about the flow, such as the source and destination IP addresses, the source and destination ports, and the protocol.
@@ -139,7 +139,7 @@ Traffic analytics requires the following prerequisites:
 
     <sup>1</sup> Network contributor doesn't cover `Microsoft.OperationalInsights/workspaces/*` actions.
 
-    <sup>2</sup> Only required when using traffic analytics to analyze VNet flow logs (preview). For more information, see [Data collection rules in Azure Monitor](../azure-monitor/essentials/data-collection-rule-overview.md?toc=/azure/network-watcher/toc.json) and [Data collection endpoints in Azure Monitor](../azure-monitor/essentials/data-collection-endpoint-overview.md?toc=/azure/network-watcher/toc.json).
+    <sup>2</sup> Only required when using traffic analytics to analyze VNet flow logs. For more information, see [Data collection rules in Azure Monitor](../azure-monitor/essentials/data-collection-rule-overview.md?toc=/azure/network-watcher/toc.json) and [Data collection endpoints in Azure Monitor](../azure-monitor/essentials/data-collection-endpoint-overview.md?toc=/azure/network-watcher/toc.json).
 
     To learn how to check roles assigned to a user for a subscription, see [List Azure role assignments using the Azure portal](../role-based-access-control/role-assignments-list-portal.yml?toc=/azure/network-watcher/toc.json). If you can't see the role assignments, contact the respective subscription admin.
 
diff --git a/articles/network-watcher/vnet-flow-logs-cli.md b/articles/network-watcher/vnet-flow-logs-cli.md
@@ -18,9 +18,6 @@ Virtual network flow logging is a feature of Azure Network Watcher that allows y
 
 In this article, you learn how to create, change, enable, disable, or delete a VNet flow log using the Azure CLI. You can learn how to manage a VNet flow log using the [Azure portal](vnet-flow-logs-portal.md) or [PowerShell](vnet-flow-logs-powershell.md).
 
-> [!IMPORTANT]
-> The VNet flow logs feature is currently in preview. This preview version is provided without a service-level agreement, and we don't recommend it for production workloads. Certain features might not be supported or might have constrained capabilities. For legal terms that apply to Azure features that are in beta, in preview, or otherwise not yet released into general availability, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
-
 ## Prerequisites
 
 - An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
diff --git a/articles/network-watcher/vnet-flow-logs-overview.md b/articles/network-watcher/vnet-flow-logs-overview.md
@@ -1,26 +1,23 @@
 ---
-title: VNet flow logs (Preview)
+title: VNet flow logs
 titleSuffix: Azure Network Watcher
 description: Learn about Azure Network Watcher VNet flow logs and how to use them to record your virtual network's traffic. 
 author: halkazwini
 ms.author: halkazwini
 ms.service: network-watcher
 ms.topic: concept-article
-ms.date: 04/08/2024
+ms.date: 04/22/2024
 ms.custom: references_regions
 
 #CustomerIntent: As an Azure administrator, I want to learn about VNet flow logs so that I can log my network traffic to analyze and optimize network performance.
 ---
 
-# VNet flow logs (Preview)
+# VNet flow logs
 
 Virtual network (VNet) flow logs are a feature of Azure Network Watcher. You can use them to log information about IP traffic flowing through a virtual network.
 
 Flow data from VNet flow logs is sent to Azure Storage. From there, you can access the data and export it to any visualization tool, security information and event management (SIEM) solution, or intrusion detection system (IDS). VNet flow logs overcome some of the limitations of [NSG flow logs](nsg-flow-logs-overview.md).
 
-> [!IMPORTANT]
-> The VNet flow logs feature is currently in preview. This preview version is provided without a service-level agreement, and we don't recommend it for production workloads. Certain features might not be supported or might have constrained capabilities. For legal terms that apply to Azure features that are in beta, in preview, or otherwise not yet released into general availability, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
-
 ## Why use flow logs?
 
 It's vital to monitor, manage, and know your network so that you can protect and optimize it. You might need to know the current state of the network, who's connecting, and where users are connecting from. You might also need to know which ports are open to the internet, what network behavior is expected, what network behavior is irregular, and when sudden rises in traffic happen.
@@ -217,33 +214,18 @@ For continuation (`C`) and end (`E`) flow states, byte and packet counts are agg
 
 ## Pricing
 
-Currently, VNet flow logs aren't billed. However, the following costs apply:
+- VNet flow logs are charged per gigabyte of ***Network flow logs collected*** and come with a free tier of 5 GB/month per subscription.
+
+    > [!NOTE]
+    > VNet flow logs will be billed effective June 1, 2024.
 
-- Traffic analytics: if traffic analytics is enabled for VNet flow logs, traffic analytics pricing applies at per gigabyte processing rates. For more information, see [Network Watcher pricing](https://azure.microsoft.com/pricing/details/network-watcher/).
+- If traffic analytics is enabled with VNet flow logs, traffic analytics pricing applies at per gigabyte processing rates. Traffic analytics isn't offered with a free tier of pricing. For more information, see [Network Watcher pricing](https://azure.microsoft.com/pricing/details/network-watcher/).
 
-- Storage: flow logs are stored in a storage account, and their retention policy can be set from one day to 365 days. If a retention policy isn't set, the logs are maintained forever. Pricing of VNet flow logs doesn't include the costs of storage. For more information, see [Azure Blob Storage pricing](https://azure.microsoft.com/pricing/details/storage/blobs/).
+- Storage of logs is charged separately. For more information, see [Azure Blob Storage pricing](https://azure.microsoft.com/pricing/details/storage/blobs/).
 
 ## Availability
 
-VNet flow logs can be enabled during the preview in the following regions: 
-
-- Central India
-- East US
-- East US 2
-- France Central
-- Japan East
-- Japan West
-- North Europe
-- Switzerland North
-- UAE North
-- UK South
-- West Central US
-- West Europe
-- West US
-- West US 2
-
-> [!NOTE]
-> You no longer need to sign up to access the preview.
+VNet flow logs are generally available in all Azure public regions.
 
 ## Related content
 
diff --git a/articles/network-watcher/vnet-flow-logs-portal.md b/articles/network-watcher/vnet-flow-logs-portal.md
@@ -17,9 +17,6 @@ Virtual network flow logging is a feature of Azure Network Watcher that allows y
 
 In this article, you learn how to create, change, enable, disable, or delete a VNet flow log using the Azure portal. You can also learn how to manage a VNet flow log using [PowerShell](vnet-flow-logs-powershell.md) or [Azure CLI](vnet-flow-logs-cli.md).
 
-> [!IMPORTANT]
-> The VNet flow logs feature is currently in preview. This preview version is provided without a service-level agreement, and we don't recommend it for production workloads. Certain features might not be supported or might have constrained capabilities. For legal terms that apply to Azure features that are in beta, in preview, or otherwise not yet released into general availability, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
-
 ## Prerequisites
 
 - An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
diff --git a/articles/network-watcher/vnet-flow-logs-powershell.md b/articles/network-watcher/vnet-flow-logs-powershell.md
@@ -18,9 +18,6 @@ Virtual network flow logging is a feature of Azure Network Watcher that allows y
 
 In this article, you learn how to create, change, enable, disable, or delete a VNet flow log using Azure PowerShell. You can learn how to manage a VNet flow log using the [Azure portal](vnet-flow-logs-portal.md) or [Azure CLI](vnet-flow-logs-cli.md).
 
-> [!IMPORTANT]
-> The VNet flow logs feature is currently in preview. This preview version is provided without a service-level agreement, and we don't recommend it for production workloads. Certain features might not be supported or might have constrained capabilities. For legal terms that apply to Azure features that are in beta, in preview, or otherwise not yet released into general availability, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
-
 ## Prerequisites
 
 - An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/free/?WT.mc_id=A261C142F).
