You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/virtual-network-manager/concept-event-logs.md
+39-4Lines changed: 39 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -21,8 +21,12 @@ Azure Virtual Network Manager currently provides the following log categories:
21
21
- Track when a particular virtual network’s network group membership is modified. In other words, a log is emitted when a virtual network is added to or removed from a network group. This can be used to trace network group membership changes over time and to capture a snapshot of a particular virtual network’s network group membership.
22
22
- Rule collection change
23
23
- Track when a particular virtual network’s set of applied security admin rule collections changes. A log is emitted for every rule collection deployed to a virtual network via the network group the rule collection is targeting. Any removal of a rule collection from a network group through a deployment process will also result in a log for each affected virtual network. This schema can be used to track what rule collection(s) have been deployed to a particular virtual network over time.
24
-
- If a virtual network is receiving security admin rule collection(s) from multiple network managers, logs will be emitted separately for each network manager for their respective rule collection changes.
24
+
- If a virtual network is receiving security admin rule collections from multiple network managers, logs will be emitted separately for each network manager for their respective rule collection changes.
25
25
- If a virtual network is added to or removed from a network group that already has a rule collection(s) deployed onto it, a log will be emitted for that virtual network showing the state of applied rule collection(s).
26
+
- Connectivity configuration change
27
+
- Track when a particular virtual network's applied connectivity configuration(s) changes. A log is emitted for every connectivity configuration deployed to a virtual network via the network group the configuration is targeting. Any removal of a connectivity configuration from a network group or vice versa through a deployment process will also result in a log for each affected virtual network. This schema can be used to track what connectivity configuration(s) and their respective topology types have been deployed to a particular virtual network over time.
28
+
- If a virtual network is receiving connectivity configurations from multiple network managers, logs will be emitted separately for each network manager for their respective configuration changes.
29
+
- If a virtual network is added to or removed from a network group that already has a connectivity configuration(s) deployed onto it, a log will be emitted for that virtual network showing the state of applied connectivity configuration(s).
26
30
27
31
## Network group membership change attributes
28
32
@@ -89,6 +93,37 @@ Within the `properties` attribute are several nested attributes:
89
93
| Message | A static message stating if a rule collection change was successful or unsuccessful. |
90
94
| AppliedRuleCollectionIds | Collection of what security admin rule collections are applied to the virtual network at the time the log was emitted. There may be multiple rule collection IDs listed since a virtual network can belong to multiple network groups and have multiple rule collections applied simultaneously. |
91
95
96
+
## Connectivity configuration change attributes
97
+
98
+
This category emits one log per connectivity configuration change per virtual network. So, when a connectivity configuration is applied to or removed from a virtual network through its network group, a log is emitted correlating to that change in connectivity configuration set for that particular virtual network. The following attributes correspond to the logs that would be sent to your storage account; Log Analytics logs will have slightly different attributes.
99
+
100
+
| Attribute | Description |
101
+
|-----------|-------------|
102
+
| time | Datetime when the event was logged. |
103
+
| resourceId | Resource ID of the network manager. |
104
+
| location | Location of the virtual network resource. |
105
+
| operationName | Operation that resulted in the virtual network being added or removed. Always the Microsoft.Network/networkManagers/connectivityConfigurations/write operation. |
106
+
| category | Category of this log. Always ConnectivityConfigurationChange. |
107
+
| resultType | Indicates successful or failed operation. |
108
+
| correlationId | GUID that can help relate or debug logs. |
109
+
| level | Always Info. |
110
+
| properties | Collection of properties of the log. |
111
+
112
+
Within the `properties` attribute are several nested attributes:
113
+
114
+
| properties attributes | Description |
115
+
|--------------------|-------------|
116
+
| AppliedConnectivityConfigurations | Collection of what connectivity configuration(s) are applied to the virtual network at the time the log was emitted. There may be multiple connectivity configurations listed since a network group can have multiple connectivity configurations applied simultaneously, and a virtual network can belong to multiple network groups with multiple connectivity configurations applied simultaneously as well. |
117
+
| TargetResourceIds | Resource ID of the virtual network that experienced a change in connectivity configuration application. |
118
+
| Message | A static message stating if the connectivity configuration change was successful or unsuccessful. |
119
+
120
+
Within the `AppliedConnectivityConfigurations` attribute are several nested attributes:
| ConfigurationId | ID of a connectivity configuration applied onto the virtual network. |
125
+
| Topology | Type of topology the connectivity configuration is intended to build among the network group(s) it is applied to. Can be Mesh or HubAndSpoke. |
126
+
92
127
## Accessing logs
93
128
94
129
Depending on how you consume event logs, you need to set up a Log Analytics workspace or a storage account for storing your log events.
@@ -100,9 +135,9 @@ When setting up a Log Analytics workspace or a storage account, you need to sele
100
135
The network manager accessing the events isn't required to be in the same subscription as the Log Analytics workspace or the storage account used for storage, but permissions may restrict your ability to access logs across different subscriptions.
101
136
102
137
> [!NOTE]
103
-
> At least one virtual network must be added or removed from a network group in order to generate logs. A log will generate for this event a couple minutes after network group membership change occurs.
138
+
> At least one virtual network must experience an event captured by the categories above in order to generate logs. A log will generate for each event a couple minutes after the change occurs.
104
139
105
140
## Next steps
106
-
- Learn to Configure Create an [Azure Virtual Network Manager](create-virtual-network-manager-portal.md) instance using the Azure portal.
141
+
- Learn to [get started with Azure Virtual Network Manager's event logs](how-to-configure-event-logs.md).
142
+
- Learn to create an [Azure Virtual Network Manager](create-virtual-network-manager-portal.md) instance using the Azure Portal.
107
143
- Learn more about [network groups](concept-network-groups.md) in Azure Virtual Network Manager.
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments