
Commit 1f64a1f

Merge pull request #282363 from halkazwini/nw-kibana
Update Kibana JSON file links
2 parents d202095 + 15b2861 commit 1f64a1f

1 file changed

+9
-10
lines changed

articles/network-watcher/network-watcher-visualize-nsg-flow-logs-open-source-tools.md

Lines changed: 9 additions & 10 deletions
@@ -1,32 +1,31 @@
11
---
22
title: Visualize NSG flow logs - Elastic Stack
33
titleSuffix: Azure Network Watcher
4-
description: Manage and analyze Network Security Group Flow Logs in Azure using Network Watcher and Elastic Stack.
5-
services: network-watcher
4+
description: Manage and analyze network security group Flow Logs in Azure using Network Watcher and Elastic Stack.
65
author: halkazwini
76
ms.service: network-watcher
87
ms.topic: how-to
9-
ms.date: 05/31/2024
8+
ms.date: 07/30/2024
109
ms.author: halkazwini
1110
---
1211

1312
# Visualize Azure Network Watcher NSG flow logs using open source tools
1413

15-
Network Security Group flow logs provide information that can be used understand ingress and egress IP traffic on Network Security Groups. These flow logs show outbound and inbound flows on a per rule basis, the NIC the flow applies to, 5-tuple information about the flow (Source/Destination IP, Source/Destination Port, Protocol), and if the traffic was allowed or denied.
14+
Network security group flow logs provide information that can be used understand ingress and egress IP traffic on network security groups. These flow logs show outbound and inbound flows on a per rule basis, the NIC the flow applies to, 5-tuple information about the flow (Source/Destination IP, Source/Destination Port, Protocol), and if the traffic was allowed or denied.
1615

1716
These flow logs can be difficult to manually parse and gain insights from. However, there are several open source tools that can help visualize this data. This article provides a solution to visualize these logs using the Elastic Stack, which allows you to quickly index and visualize your flow logs on a Kibana dashboard.
1817

1918
## Scenario
2019

21-
In this article, we set up a solution that allows you to visualize Network Security Group flow logs using the Elastic Stack. A Logstash input plugin obtains the flow logs directly from the storage blob configured for containing the flow logs. Then, using the Elastic Stack, the flow logs are indexed and used to create a Kibana dashboard to visualize the information.
20+
In this article, we set up a solution that allows you to visualize network security group flow logs using the Elastic Stack. A Logstash input plugin obtains the flow logs directly from the storage blob configured for containing the flow logs. Then, using the Elastic Stack, the flow logs are indexed and used to create a Kibana dashboard to visualize the information.
2221

23-
![Diagram shows a scenario that allows you to visualize Network Security Group flow logs using the Elastic Stack.][scenario]
22+
![Diagram shows a scenario that allows you to visualize network security group flow logs using the Elastic Stack.][scenario]
2423

2524
## Steps
2625

27-
### Enable Network Security Group flow logging
26+
### Enable network security group flow logging
2827

29-
For this scenario, you must have Network Security Group Flow Logging enabled on at least one Network Security Group in your account. For instructions on enabling Network Security Flow Logs, see the following article [Introduction to flow logging for Network Security Groups](nsg-flow-logs-overview.md).
28+
For this scenario, you must have network security group Flow Logging enabled on at least one network security group in your account. For instructions on enabling Network Security Flow Logs, see the following article [Introduction to flow logging for network security groups](nsg-flow-logs-overview.md).
3029

3130
### Set up the Elastic Stack
3231

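Review bot: The capitalization cleanup is incomplete in the lines this hunk rewrites: new line 4 still reads "network security group Flow Logs", and new line 28 reads "network security group Flow Logging" and "Network Security Flow Logs", the latter also dropping "group". Suggest lowercasing to "flow logs" and "flow logging" and using "network security group flow logs" consistently. New line 14 also carries over "can be used understand", which is missing "to". Separately, removing `services: network-watcher` and bumping `ms.date` are not covered by the commit title "Update Kibana JSON file links", so they deserve a mention in the PR description.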
@@ -206,7 +205,7 @@ A sample dashboard to view trends and details in your alerts is shown in the fol
206205
207206
![figure 1][1]
208207
209-
Download the [dashboard file](https://aka.ms/networkwatchernsgflowlogdashboard), the [visualization file](https://aka.ms/networkwatchernsgflowlogvisualizations), and the [saved search file](https://aka.ms/networkwatchernsgflowlogsearch).
208+
Download the [dashboard file](https://github.com/Azure/NWPublicScripts/blob/main/nw-public-docs-artifacts/nsg-flow-logs/kibana/Sample_NSG_Flowlog_Dashboard.json), the [visualization file](https://github.com/Azure/NWPublicScripts/blob/main/nw-public-docs-artifacts/nsg-flow-logs/kibana/Sample_NSG_Flowlog_Visualizations.json), and the [saved search file](https://github.com/Azure/NWPublicScripts/blob/main/nw-public-docs-artifacts/nsg-flow-logs/kibana/Sample_NSG_Flowlog_Saved_Search.json).
210209
211210
Under the **Management** tab of Kibana, navigate to **Saved Objects** and import all three files. Then from the **Dashboard** tab you can open and load the sample dashboard.
212211
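Review bot: In new line 208, all three links are `github.com/Azure/NWPublicScripts/blob/main/...` URLs, which open GitHub's HTML file view rather than the JSON itself, so a reader who saves the link target gets a page that cannot be imported under Saved Objects. Suggest linking to the raw file, or changing "Download" to wording that tells the reader to use the download button on the linked page. The links also track the `main` branch, so the objects a reader imports into Kibana can change after this article is published; pinning each link to a commit would keep the imported content reviewable.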
@@ -244,7 +243,7 @@ Using the query bar at the top of the dashboard, you can filter down the dashboa
244243
245244
## Conclusion
246245
247-
By combining the Network Security Group flow logs with the Elastic Stack, we have come up with powerful and customizable way to visualize our network traffic. These dashboards allow you to quickly gain and share insights about your network traffic, and filter down and investigate on any potential anomalies. Using Kibana, you can tailor these dashboards and create specific visualizations to meet any security, audit, and compliance needs.
246+
By combining the network security group flow logs with the Elastic Stack, we have come up with powerful and customizable way to visualize our network traffic. These dashboards allow you to quickly gain and share insights about your network traffic, and filter down and investigate on any potential anomalies. Using Kibana, you can tailor these dashboards and create specific visualizations to meet any security, audit, and compliance needs.
248247
249248
## Next steps
250249

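Review bot: New line 246 is changed only for capitalization and keeps two grammar slips: "come up with powerful and customizable way" is missing "a", and "investigate on any potential anomalies" should drop "on". Since the line is already being touched, fix both in this change.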