Manage Network Watcher Agent virtual machine extension for Windows

  • Article

The Network Watcher Agent virtual machine extension is a requirement for some of Azure Network Watcher features that capture network traffic to diagnose and monitor Azure virtual machines (VMs). For more information, see What is Azure Network Watcher?

In this article, you learn how to install and uninstall Network Watcher Agent for Windows. Installation of the agent doesn't disrupt, or require a reboot of the virtual machine. If the virtual machine is deployed by an Azure service, check the documentation of the service to determine whether or not it permits installing extensions in the virtual machine.

Prerequisites

  • An Azure Windows virtual machine (VM). For more information, see Supported Windows versions.

  • Outbound TCP connectivity to 169.254.169.254 over port 80 and 168.63.129.16 over port 8037. The agent uses these IP addresses to communicate with the Azure platform.

  • Internet connectivity: Network Watcher Agent requires internet connectivity for some features to properly work. For example, it requires connectivity to your storage account to upload packet captures. For more information, see Packet capture overview.

  • Azure CLI.

    You can install Azure CLI locally to run the commands. If you run Azure CLI locally, sign in to Azure using the az login command.

Supported operating systems

Network Watcher Agent extension for Windows can be installed on:

  • Windows Server 2012, 2012 R2, 2016, 2019 and 2022 releases.
  • Windows 10 and 11 releases.

Note

Currently, Nano Server isn't supported.

Extension schema

The following JSON shows the schema for the Network Watcher Agent extension. The extension doesn't require, or support, any user-supplied settings, and relies on its default configuration.

{
    "name": "[concat(parameters('vmName'), '/AzureNetworkWatcherExtension')]",
    "type": "Microsoft.Compute/virtualMachines/extensions",
    "apiVersion": "2023-03-01",
    "location": "[resourceGroup().location]",
    "dependsOn": [
        "[concat('Microsoft.Compute/virtualMachines/', parameters('vmName'))]"
    ],
    "properties": {
        "autoUpgradeMinorVersion": true,
        "publisher": "Microsoft.Azure.NetworkWatcher",
        "type": "NetworkWatcherAgentWindows",
        "typeHandlerVersion": "1.4"
    }
}

List installed extensions

Use az vm extension list command to list all installed extensions on the virtual machine:

# List the installed extensions on the virtual machine.
az vm extension list --resource-group 'myResourceGroup' --vm-name 'myVM' --out table

The output of the command lists the installed extensions:

Name                          ProvisioningState    Publisher                       Version    AutoUpgradeMinorVersion
----------------------------  -------------------  ------------------------------  ---------  -------------------------
AzureNetworkWatcherExtension  Succeeded            Microsoft.Azure.NetworkWatcher  1.4        True

Install Network Watcher Agent VM extension

Use az vm extension set command to install Network Watcher Agent VM extension on the virtual machine:

# Install Network Watcher Agent for Windows on the virtual machine.
az vm extension set --name 'NetworkWatcherAgentWindows' --extension-instance-name 'AzureNetworkWatcherExtension' --publisher 'Microsoft.Azure.NetworkWatcher' --enable-auto-upgrade 'true' --version '1.4' --resource-group 'myResourceGroup' --vm-name 'myVM'

Uninstall Network Watcher Agent VM extension

Use az vm extension delete command to remove Network Watcher Agent VM extension from the virtual machine:

# Uninstall Network Watcher Agent VM extension.
az vm extension delete --name 'AzureNetworkWatcherExtension' --resource-group 'myResourceGroup' --vm-name 'myVM'

Frequently asked questions (FAQ)

To get answers to most frequently asked questions about Network Watcher Agent, see Network Watcher Agent FAQ.

Related content