Back to Details

azure-network-watcher

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Azure Network Watcher Skill

Azure Network Watcher Skill

This skill provides expert guidance for Azure Network Watcher. Covers troubleshooting, decision making, limits & quotas, security, configuration, and integrations & coding patterns. It combines local quick-reference content with remote documentation fetching capabilities.
本Skill为Azure Network Watcher提供专业指导,涵盖故障排除、决策制定、限制与配额、安全、配置以及集成与编码模式。它结合了本地快速参考内容与远程文档获取能力。

How to Use This Skill

如何使用本Skill

IMPORTANT for Agent: Use the Category Index below to locate relevant sections. For categories with line ranges (e.g., 
L35-L120
), use 
read_file
with the specified lines. For categories with file links (e.g., 
[security.md](security.md)
), use 
read_file
on the linked reference file
IMPORTANT for Agent: If 
metadata.generated_at
is more than 3 months old, suggest the user pull the latest version from the repository. If 
mcp_microsoftdocs
tools are not available, suggest the user install it: Installation Guide
This skill requires network access to fetch documentation content:
  • Preferred: Use 
    mcp_microsoftdocs:microsoft_docs_fetch
    with query string 
    from=learn-agent-skill
    . Returns Markdown.
  • Fallback: Use 
    fetch_webpage
    with query string 
    from=learn-agent-skill&accept=text/markdown
    . Returns Markdown.
Agent重要提示:使用下方的分类索引查找相关章节。对于带有行范围的分类(例如
L35-L120
),使用
read_file
读取指定行内容。对于带有文件链接的分类(例如
[security.md](security.md)
),使用
read_file
读取链接的参考文件
Agent重要提示:如果
metadata.generated_at
已超过3个月,建议用户从仓库拉取最新版本。如果
mcp_microsoftdocs
工具不可用,建议用户安装:安装指南
本Skill需要网络访问权限以获取文档内容:
  • 首选方式:使用
    mcp_microsoftdocs:microsoft_docs_fetch
    ,查询字符串为
    from=learn-agent-skill
    ,返回Markdown格式内容。
  • 备用方式:使用
    fetch_webpage
    ,查询字符串为
    from=learn-agent-skill&accept=text/markdown
    ,返回Markdown格式内容。

Category Index

分类索引

CategoryLinesDescription
TroubleshootingL34-L43Diagnosing and automating troubleshooting for outbound connectivity, NSG/admin rules, and VPN gateway/on-premises VPN issues using Network Watcher, Azure CLI, PowerShell, and Automation.
Decision MakingL44-L50Guidance for migrating network monitoring: moving from classic Connection Monitor and Network Performance Monitor tests, and switching NSG flow logs to VNet flow logs.
Limits & QuotasL51-L55How to configure and run Network Watcher packet capture, storage and filtering options, and the key limits/quotas (size, duration, concurrency) that apply to captures
SecurityL56-L62Configuring secure access to Network Watcher with RBAC, using Traffic Analytics for Zero Trust segmentation, and protecting VNet flow logs with managed identities.
ConfigurationL63-L78Configuring and governing Network Watcher logging: Connection Monitor AMA setup, NSG and VNet flow logs, Traffic Analytics schemas, filters, ARM/Bicep/Policy deployment and management.
Integrations & Coding PatternsL79-L86Using Network Watcher data in tools and code: parsing NSG flow logs with PowerShell, visualizing in Power BI, triggering packet capture from Functions, querying Traffic Analytics with KQL, and integrating with Sentinel.
分类行范围描述
故障排除L34-L43使用Network Watcher、Azure CLI、PowerShell和Automation诊断并自动化解决出站连接、NSG/管理员规则以及VPN网关/本地VPN问题。
决策制定L44-L50网络监控迁移指导:从经典Connection Monitor和Network Performance Monitor测试迁移,以及将NSG流日志切换为VNet流日志。
限制与配额L51-L55如何配置和运行Network Watcher数据包捕获、存储与过滤选项,以及适用于捕获的关键限制/配额(大小、时长、并发数)。
安全L56-L62使用RBAC配置Network Watcher的安全访问权限,利用Traffic Analytics实现零信任分段,以及使用托管标识保护VNet流日志。
配置L63-L78配置与管理Network Watcher日志:Connection Monitor AMA设置、NSG和VNet流日志、Traffic Analytics架构、过滤器、ARM/Bicep/Policy部署与管理。
集成与编码模式L79-L86在工具与代码中使用Network Watcher数据:使用PowerShell解析NSG流日志、在Power BI中可视化、通过Functions触发数据包捕获、使用KQL查询Traffic Analytics以及与Sentinel集成。

Troubleshooting

故障排除

TopicURL
Diagnose outbound connection issues with Network Watcherhttps://learn.microsoft.com/en-us/azure/network-watcher/connection-troubleshoot-manage
Troubleshoot NSG and admin rules with NSG diagnosticshttps://learn.microsoft.com/en-us/azure/network-watcher/diagnose-network-security-rules
Diagnose on-premises VPN connectivity to Azure with Network Watcherhttps://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-diagnose-on-premises-connectivity
Automate VPN connectivity monitoring with Azure Automation and Network Watcherhttps://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-monitor-with-azure-automation
Troubleshoot VPN gateways and connections with Azure CLIhttps://learn.microsoft.com/en-us/azure/network-watcher/vpn-troubleshoot-cli
Troubleshoot VPN gateways and connections with PowerShellhttps://learn.microsoft.com/en-us/azure/network-watcher/vpn-troubleshoot-powershell
主题链接
使用Network Watcher诊断出站连接问题https://learn.microsoft.com/en-us/azure/network-watcher/connection-troubleshoot-manage
使用NSG诊断工具排查NSG和管理员规则问题https://learn.microsoft.com/en-us/azure/network-watcher/diagnose-network-security-rules
使用Network Watcher诊断本地VPN与Azure的连接问题https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-diagnose-on-premises-connectivity
使用Azure Automation和Network Watcher自动化监控VPN连接https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-monitor-with-azure-automation
使用Azure CLI排查VPN网关和连接问题https://learn.microsoft.com/en-us/azure/network-watcher/vpn-troubleshoot-cli
使用PowerShell排查VPN网关和连接问题https://learn.microsoft.com/en-us/azure/network-watcher/vpn-troubleshoot-powershell

Decision Making

决策制定

TopicURL
Migrate from Connection Monitor classic to new Connection Monitorhttps://learn.microsoft.com/en-us/azure/network-watcher/migrate-to-connection-monitor-from-connection-monitor-classic
Migrate tests from Network Performance Monitor to Connection Monitorhttps://learn.microsoft.com/en-us/azure/network-watcher/migrate-to-connection-monitor-from-network-performance-monitor
Migrate from NSG flow logs to VNet flow logshttps://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-migrate
主题链接
从经典Connection Monitor迁移至新版Connection Monitorhttps://learn.microsoft.com/en-us/azure/network-watcher/migrate-to-connection-monitor-from-connection-monitor-classic
从Network Performance Monitor迁移测试至Connection Monitorhttps://learn.microsoft.com/en-us/azure/network-watcher/migrate-to-connection-monitor-from-network-performance-monitor
从NSG流日志迁移至VNet流日志https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-migrate

Limits & Quotas

限制与配额

TopicURL
Use Network Watcher packet capture and understand its limitshttps://learn.microsoft.com/en-us/azure/network-watcher/packet-capture-overview
主题链接
使用Network Watcher数据包捕获并了解其限制https://learn.microsoft.com/en-us/azure/network-watcher/packet-capture-overview

Security

安全

TopicURL
Configure RBAC permissions for Azure Network Watcherhttps://learn.microsoft.com/en-us/azure/network-watcher/required-rbac-permissions
Apply Zero Trust segmentation using Traffic Analyticshttps://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics-zero-trust
Secure VNet flow logs with managed identitieshttps://learn.microsoft.com/en-us/azure/network-watcher/vnet-flow-logs-managed-identity
主题链接
为Azure Network Watcher配置RBAC权限https://learn.microsoft.com/en-us/azure/network-watcher/required-rbac-permissions
使用Traffic Analytics应用零信任分段https://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics-zero-trust
使用托管标识保护VNet流日志https://learn.microsoft.com/en-us/azure/network-watcher/vnet-flow-logs-managed-identity

Configuration

配置

TopicURL
Configure Azure Monitor Agent for Connection Monitorhttps://learn.microsoft.com/en-us/azure/network-watcher/azure-monitor-agent-with-connection-monitor
Install and manage Azure Monitor Agent on Arc servershttps://learn.microsoft.com/en-us/azure/network-watcher/connection-monitor-install-azure-monitor-agent
Understand Connection Monitor Log Analytics data schemashttps://learn.microsoft.com/en-us/azure/network-watcher/connection-monitor-schema
Enable NSG flow logs using Bicephttps://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-bicep
Configure and manage Azure NSG flow logshttps://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-manage
Manage NSG flow logs deployment with Azure Policyhttps://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-policy-portal
Enable NSG flow logs using ARM templateshttps://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-template
Govern Traffic Analytics with Azure Policyhttps://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics-policy-portal
Understand Traffic Analytics schema and aggregationhttps://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics-schema
Configure filtering for Azure virtual network flow logshttps://learn.microsoft.com/en-us/azure/network-watcher/vnet-flow-logs-filtering
Configure and manage Azure virtual network flow logshttps://learn.microsoft.com/en-us/azure/network-watcher/vnet-flow-logs-manage
Enforce VNet flow logs with Azure Policyhttps://learn.microsoft.com/en-us/azure/network-watcher/vnet-flow-logs-policy
主题链接
为Connection Monitor配置Azure Monitor Agenthttps://learn.microsoft.com/en-us/azure/network-watcher/azure-monitor-agent-with-connection-monitor
在Arc服务器上安装和管理Azure Monitor Agenthttps://learn.microsoft.com/en-us/azure/network-watcher/connection-monitor-install-azure-monitor-agent
了解Connection Monitor Log Analytics数据架构https://learn.microsoft.com/en-us/azure/network-watcher/connection-monitor-schema
使用Bicep启用NSG流日志https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-bicep
配置和管理Azure NSG流日志https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-manage
使用Azure Policy管理NSG流日志部署https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-policy-portal
使用ARM模板启用NSG流日志https://learn.microsoft.com/en-us/azure/network-watcher/nsg-flow-logs-template
使用Azure Policy管理Traffic Analyticshttps://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics-policy-portal
了解Traffic Analytics架构与聚合https://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics-schema
配置Azure虚拟网络流日志过滤https://learn.microsoft.com/en-us/azure/network-watcher/vnet-flow-logs-filtering
配置和管理Azure虚拟网络流日志https://learn.microsoft.com/en-us/azure/network-watcher/vnet-flow-logs-manage
使用Azure Policy强制启用VNet流日志https://learn.microsoft.com/en-us/azure/network-watcher/vnet-flow-logs-policy

Integrations & Coding Patterns

集成与编码模式

TopicURL
Parse and read Azure flow logs with PowerShellhttps://learn.microsoft.com/en-us/azure/network-watcher/flow-logs-read
Visualize NSG flow logs in Power BIhttps://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-visualize-nsg-flow-logs-power-bi
Trigger Network Watcher packet captures from Azure Functions alertshttps://learn.microsoft.com/en-us/azure/network-watcher/packet-capture-alert-triggered
Analyze Traffic Analytics data with KQL querieshttps://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics-queries
Integrate Azure Traffic Analytics with Microsoft Sentinelhttps://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics-sentinel
主题链接
使用PowerShell解析和读取Azure流日志https://learn.microsoft.com/en-us/azure/network-watcher/flow-logs-read
在Power BI中可视化NSG流日志https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-visualize-nsg-flow-logs-power-bi
从Azure Functions警报触发Network Watcher数据包捕获https://learn.microsoft.com/en-us/azure/network-watcher/packet-capture-alert-triggered
使用KQL查询分析Traffic Analytics数据https://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics-queries
将Azure Traffic Analytics与Microsoft Sentinel集成https://learn.microsoft.com/en-us/azure/network-watcher/traffic-analytics-sentinel