Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Azure Network Watcher is a regional service that enables you to monitor and diagnose conditions at a network scenario level in, to, and from Azure. Scenario level monitoring enables you to diagnose problems at an end to end network level view. Network diagnostic and visualization tools available with Network Watcher help you understand, diagnose, and gain insights to your network in Azure.
Network Watcher is enabled in an Azure region through the creation of a Network Watcher instance in that region. This instance allows you to utilize Network Watcher capabilities in that particular region.
Note
- By default, Network Watcher is automatically enabled. When you create or update a virtual network in your subscription, Network Watcher will be automatically enabled in your Virtual Network's region.
- Automatically enabling Network Watcher doesn't affect your resources or associated charge.
- If you previously chose to opt out of Network Watcher automatic enablement, you must manually enable Network Watcher in each region where you want to use Network Watcher capabilities. For more information, see Network Watcher Azure regions.
An Azure account with an active subscription. Create a trial subscription.
Azure PowerShell.
You can install PowerShell locally to run the cmdlets. This article requires the Az PowerShell module. For more information, see How to install Azure PowerShell. To find the installed version, run Get-Module -ListAvailable Az cmdlet. If you run PowerShell locally, sign in to Azure using the Connect-AzAccount -Environment AzureChinaCloud cmdlet.
If you choose to opt out of Network Watcher automatic enablement, you must manually enable Network Watcher in each region where you want to use Network Watcher capabilities. To enable Network Watcher in a region, create a Network Watcher instance in that region using the Azure portal, PowerShell, the Azure CLI, REST API, or an Azure Resource Manager template (ARM template).
Create a Network Watcher instance using New-AzNetworkWatcher cmdlet:
# Create a resource group for the Network Watcher instance (if it doesn't already exist).
New-AzResourceGroup -Name 'NetworkWatcherRG' -Location 'chinaeast'
# Create an instance of Network Watcher in China East region.
New-AzNetworkWatcher -Name 'NetworkWatcher_chinaeast' -ResourceGroupName 'NetworkWatcherRG' -Location 'chinaeast'
Note
When you create a Network Watcher instance using PowerShell, you can customize the name of a Network Watcher instance and resource group. However, the resource group must exist before you create a Network Watcher instance in it.
You can disable Network Watcher for a region by deleting the Network Watcher instance in that region. You can delete a Network Watcher instance using the Azure portal, PowerShell, the Azure CLI, or REST API.
Warning
Deleting a Network Watcher instance deletes all Network Watcher running operations, historical data, and alerts with no option to revert. For example, if you delete NetworkWatcher_chinaeast instance, all flow logs, connection monitors and packet captures in China East region will be deleted.
Delete a Network Watcher instance using Remove-AzNetworkWatcher:
# Disable Network Watcher in the China East region by deleting its China East instance.
Remove-AzNetworkWatcher -Location 'chinaeast'
You can view all regions where Network Watcher is enabled in your subscription by listing available Network Watcher instances in your subscription. Use the Azure portal, PowerShell, the Azure CLI, or REST API to list Network Watcher instances in your subscription.
List all Network Watcher instances in your subscription using Get-AzNetworkWatcher.
# List all Network Watcher instances in your subscription.
Get-AzNetworkWatcher
To get started with Network Watcher, see: