流量分析常见问题解答Traffic Analytics frequently asked questions

本文收集了许多有关 Azure 网络观察程序中流量分析的常见问题。This article collects in one place many of the most frequently asked questions about traffic analytics in Azure Network Watcher.

备注

本文进行了更新,以便使用新的 Azure PowerShell Az 模块。This article has been updated to use the new Azure PowerShell Az module. 你仍然可以使用 AzureRM 模块,至少在 2020 年 12 月之前,它将继续接收 bug 修补程序。You can still use the AzureRM module, which will continue to receive bug fixes until at least December 2020. 若要详细了解新的 Az 模块和 AzureRM 兼容性,请参阅新 Azure Powershell Az 模块简介To learn more about the new Az module and AzureRM compatibility, see Introducing the new Azure PowerShell Az module. 有关 Az 模块安装说明,请参阅安装 Azure PowerShellFor Az module installation instructions, see Install Azure PowerShell.

使用流量分析的先决条件是什么?What are the prerequisites to use traffic analytics?

流量分析要求满足以下先决条件:Traffic Analytics requires the following prerequisites:

  • 支持网络观察程序的订阅。A Network Watcher enabled subscription.
  • 为要监视的网络安全组 (NSG) 启用 NSG 流日志。Network Security Group (NSG) flow logs enabled for the NSGs you want to monitor.
  • 用于存储原始流日志的 Azure 存储帐户。An Azure Storage account, to store raw flow logs.
  • 具有读取和写入访问权限的 Azure Log Analytics 工作区。An Azure Log Analytics workspace, with read and write access.

帐户必须符合以下某项条件才能启用流量分析:Your account must meet one of the following to enable traffic analytics:

  • 帐户必须在订阅范围内具有以下任何一种 Azure 角色:所有者、参与者、读者或网络参与者。Your account must have any one of the following Azure roles at the subscription scope: owner, contributor, reader, or network contributor.

  • 如果未将帐户分配给之前列出的某一角色,则必须在订阅级别将其分配给分配有以下操作的自定义角色。If your account is not assigned to one of the previously listed roles, it must be assigned to a custom role that is assigned the following actions, at the subscription level.

    • Microsoft.Network/applicationGateways/readMicrosoft.Network/applicationGateways/read
    • Microsoft.Network/connections/readMicrosoft.Network/connections/read
    • Microsoft.Network/loadBalancers/readMicrosoft.Network/loadBalancers/read
    • Microsoft.Network/localNetworkGateways/readMicrosoft.Network/localNetworkGateways/read
    • Microsoft.Network/networkInterfaces/readMicrosoft.Network/networkInterfaces/read
    • Microsoft.Network/networkSecurityGroups/readMicrosoft.Network/networkSecurityGroups/read
    • Microsoft.Network/publicIPAddresses/readMicrosoft.Network/publicIPAddresses/read
    • Microsoft.Network/routeTables/readMicrosoft.Network/routeTables/read
    • Microsoft.Network/virtualNetworkGateways/readMicrosoft.Network/virtualNetworkGateways/read
    • Microsoft.Network/virtualNetworks/readMicrosoft.Network/virtualNetworks/read

检查针对订阅分配给用户的角色:To check roles assigned to a user for a subscription:

  1. 使用 Connect-AzAccount -Environment AzureChinaCloud 登录到 Azure。Sign in to Azure by using Connect-AzAccount -Environment AzureChinaCloud.

  2. 使用 Select-AzSubscription 选择所需订阅。Select the required subscription by using Select-AzSubscription.

  3. 若要列出分配给特定用户的所有角色,请使用 Get-AzRoleAssignment -SignInName [user email] -IncludeClassicAdministratorsTo list all the roles that are assigned to a specified user, use Get-AzRoleAssignment -SignInName [user email] -IncludeClassicAdministrators.

如果未看到任何输出,请与相应的订阅管理员联系以获取运行命令的权限。If you are not seeing any output, contact the respective subscription admin to get access to run the commands. 有关详细信息,请参阅使用 Azure PowerShell 添加或删除 Azure 角色分配For more details, see Add or remove Azure role assignments using Azure PowerShell.

流量分析在哪些 Azure 区域中可用?In which Azure regions is Traffic Analytics available?

可以在以下任何受支持的区域中对 NSG 使用流量分析:You can use traffic analytics for NSGs in any of the following supported regions:

  • 中国东部 2China East 2

Log Analytics 工作区必须存在于以下区域中:The Log Analytics workspace must exist in the following regions:

  • 中国东部 2China East 2

启用流日志的 NSG 是否可与工作区位于不同的区域?Can the NSGs I enable flow logs for be in different regions than my workspace?

是,这些 NSG 可与 Log Analytics 工作区位于不同区域。Yes, these NSGs can be in different regions than your Log Analytics workspace.

是否可以在单个工作区中配置多个 NSG?Can multiple NSGs be configured within a single workspace?

是的。Yes.

是否可以使用现有的的工作区?Can I use an existing workspace?

是的。Yes. 如果选择现有的工作区,请确保已将此工作区迁移到新的查询语言。If you select an existing workspace, make sure that it has been migrated to the new query language. 如果不想要升级该工作区,则需要创建新的工作区。If you do not want to upgrade the workspace, you need to create a new one. 有关新查询语言的详细信息,请参阅将 Azure Monitor 日志升级到新的日志搜索For more information about the new query language, see Azure Monitor logs upgrade to new log search.

是否可将 Azure 存储帐户放在一个订阅中,并将 Log Analytics 工作区放在另一个订阅中?Can my Azure Storage Account be in one subscription and my Log Analytics workspace be in a different subscription?

是,可将 Azure 存储帐户置于一个订阅中,而将 Log Analytics 工作区置于另一个订阅中。Yes, your Azure Storage account can be in one subscription, and your Log Analytics workspace can be in a different subscription.

是否可将原始日志存储在不同的订阅中?Can I store raw logs in a different subscription?

是的。Yes. 可以将 NSG 流日志配置为发送到位于不同订阅中的存储帐户,前提是你具有适当的权限,并且该存储帐户与 NSG 位于同一区域。You can configure NSG Flow Logs to be sent to a storage account located in a different subscription, provided you have the appropriate privileges, and that the storage account is located in the same region as the NSG. NSG 和目标存储帐户还必须共享同一个 Azure Active Directory 租户。The NSG and the destination storage account must also share the same Azure Active Directory Tenant.

如果由于“未找到”错误而无法为流量分析配置 NSG,该如何解决?What if I can't configure an NSG for traffic analytics due to a "Not found" error?

选择支持的区域。Select a supported region. 如果选择不支持的区域,则会收到“未找到”错误。If you select a non-supported region, you receive a "Not found" error. 前文列出了支持的区域。The supported regions are listed earlier in this article.

如果在 NSG 流日志页显示“无法加载”状态,该如何解决?What if I am getting the status, "Failed to load," under the NSG flow logs page?

要使流日志记录正常工作,必须注册 Microsoft.Insights 提供程序。The Microsoft.Insights provider must be registered for flow logging to work properly. 如果不确定是否为订阅注册了 Microsoft.Insights 提供程序,请替换以下命令中的“xxxxx-xxxxx-xxxxxx-xxxx”,并从 PowerShell 运行以下命令:If you are not sure whether the Microsoft.Insights provider is registered for your subscription, replace xxxxx-xxxxx-xxxxxx-xxxx in the following command, and run the following commands from PowerShell:

**Select-AzSubscription** -SubscriptionId xxxxx-xxxxx-xxxxxx-xxxx
**Register-AzResourceProvider** -ProviderNamespace Microsoft.Insights

我已配置解决方案。I have configured the solution. 为何仪表板上未显示任何信息?Why am I not seeing anything on the dashboard?

首次显示仪表板最长可能需要花费 30 分钟。The dashboard might take up to 30 minutes to appear the first time. 解决方案必须先聚合足够的数据以派生有意义的见解。The solution must first aggregate enough data for it to derive meaningful insights. 然后才能生成报告。Then it generates reports.

如果收到以下消息:“在所选时间间隔内在此工作区中未找到任何数据。What if I get this message: "We could not find any data in this workspace for selected time interval. 尝试更改时间间隔,或者选择其他工作区”,该如何解决?Try changing the time interval or select a different workspace."?

请尝试以下选项:Try the following options:

  • 在上部菜单栏中更改时间间隔。Change the time interval in the upper bar.
  • 在上部菜单栏中选择不同的 Log Analytics 工作区。Select a different Log Analytics workspace in the upper bar.
  • 如果流量分析是最近才启用的,请尝试在 30 分钟后访问它。Try accessing traffic analytics after 30 minutes, if it was recently enabled.

如果问题仍未解决,请在 User Voice 论坛中咨询。If problems persist, raise concerns in the User voice forum.

如果收到以下消息:“正在首次分析 NSG 流日志。What if I get this message: "Analyzing your NSG flow logs for the first time. 此过程可能需要 20-30 分钟才能完成。This process may take 20-30 minutes to complete. 请过一段时间回来查看。Check back after some time. 2) 如果上述步骤不起作用,并且工作区位于免费 SKU,则在此处检查工作区使用情况,以验证是否超出配额,或者参阅常见问题解答中的其他信息”,该如何解决?2) If the above step doesn't work and your workspace is under the free SKU, then check your workspace usage here to validate over quota, else refer to FAQs for further information."?

出现此消息的可能原因有:You might see this message because:

  • 流量分析最近才启用,可能尚未聚合足够的数据,无法获得有意义的见解。Traffic Analytics was recently enabled, and might not yet have aggregated enough data for it to derive meaningful insights.
  • 正在使用免费版 Log Analytics 工作区,并且它超出了配额限制。You are using the free version of the Log Analytics workspace, and it exceeded the quota limits. 可能需要使用容量更大的工作区。You might need to use a workspace with a larger capacity.

如果问题仍未解决,请在 User Voice 论坛中咨询。If problems persist, raise concerns in the User voice forum.

如果收到以下消息:“似乎我们已获得资源数据(拓扑),但没有流信息。What if I get this message: "Looks like we have resources data (Topology) and no flows information. 同时,请单击此处查看资源数据,并参阅常见问题解答了解其他信息”,该如何解决?Meanwhile, click here to see resources data and refer to FAQs for further information."?

仪表板上显示了资源信息,但未显示与流相关的统计信息。You are seeing the resources information on the dashboard; however, no flow-related statistics are present. 由于资源之间没有通信流,因此可能不显示数据。Data might not be present because of no communication flows between the resources. 请在 60 分钟后重新检查状态。Wait for 60 minutes, and recheck status. 如果问题仍未解决,并且确信资源之间存在通信流,请在 User Voice 论坛中咨询。If the problem persists, and you're sure that communication flows among resources exist, raise concerns in the User voice forum.

是否可以使用 PowerShell 或 Azure 资源管理器模板或客户端配置流量分析?Can I configure traffic analytics using PowerShell or an Azure Resource Manager template or client?

可使用版本 6.2.1 及以上版本的 Windows PowerShell 配置流量分析。You can configure traffic analytics by using Windows PowerShell from version 6.2.1 onwards. 若要使用 Set cmdlet 为特定 NSG 配置流日志记录和流量分析,请参阅 Set-AzNetworkWatcherConfigFlowLogTo configure flow logging and traffic analytics for a specific NSG by using the Set cmdlet, see Set-AzNetworkWatcherConfigFlowLog. 若要获取特定 NSG 的流日志记录和流量分析状态,请参阅 Get-AzNetworkWatcherFlowLogStatusTo get the flow logging and traffic analytics status for a specific NSG, see Get-AzNetworkWatcherFlowLogStatus.

目前,无法使用 Azure 资源管理器模板配置流量分析。Currently, you can't use an Azure Resource Manager template to configure traffic analytics.

若要使用 Azure 资源管理器客户端配置流量分析,请参阅以下示例。To configure traffic analytics by using an Azure Resource Manager client, see the following examples.

Set cmdlet 示例:Set cmdlet example:

#Requestbody parameters
$TAtargetUri ="/subscriptions/<NSG subscription id>/resourceGroups/<NSG resource group name>/providers/Microsoft.Network/networkSecurityGroups/<name of NSG>"
$TAstorageId = "/subscriptions/<storage subscription id>/resourcegroups/<storage resource group name> /providers/microsoft.storage/storageaccounts/<storage account name>"
$networkWatcherResourceGroupName = "<network watcher resource group name>"
$networkWatcherName = "<network watcher name>"

$requestBody = 
@"
{
    'targetResourceId': '${TAtargetUri}',
    'properties': 
    {
        'storageId': '${TAstorageId}',
        'enabled': '<true to enable flow log or false to disable flow log>',
        'retentionPolicy' : 
        {
            days: <enter number of days like to retail flow logs in storage account>,
            enabled: <true to enable retention or false to disable retention>
        }
    },
    'flowAnalyticsConfiguration':
    {
                'networkWatcherFlowAnalyticsConfiguration':
      {
        'enabled':,<true to enable traffic analytics or false to disable traffic analytics>
        'workspaceId':'bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb',
        'workspaceRegion':'<workspace region>',
        'workspaceResourceId':'/subscriptions/<workspace subscription id>/resourcegroups/<workspace resource group name>/providers/microsoft.operationalinsights/workspaces/<workspace name>'

      }

    }
}
"@
$apiversion = "2016-09-01"

$env:ARMCLIENT_ENV="MOONCAKE"
armclient login
armclient post "https://management.chinacloudapi.cn/subscriptions/<NSG subscription id>/resourceGroups/<network watcher resource group name>/providers/Microsoft.Network/networkWatchers/<network watcher name>/configureFlowlog?api-version=${apiversion}" $requestBody

Get cmdlet 示例:Get cmdlet example:

#Requestbody parameters
$TAtargetUri ="/subscriptions/<NSG subscription id>/resourceGroups/<NSG resource group name>/providers/Microsoft.Network/networkSecurityGroups/<NSG name>"

$requestBody = 
@"
{
    'targetResourceId': '${TAtargetUri}'
}
"@

$env:ARMCLIENT_ENV="MOONCAKE"
armclient login
armclient post "https://management.chinacloudapi.cn/subscriptions/<NSG subscription id>/resourceGroups/<network watcher resource group name>/providers/Microsoft.Network/networkWatchers/<network watcher name>/queryFlowLogStatus?api-version=${apiversion}" $requestBody

流量分析如何计费?How is Traffic Analytics priced?

流量分析是计量式的。Traffic Analytics is metered. 该计量的基础是由服务处理流日志数据,并将生成的增强日志存储在 Log Analytics 工作区中。The metering is based on processing of flow log data by the service, and storing the resulting enhanced logs in a Log Analytics workspace.

例如,根据定价计划,就 China East 2 而言,如果流量分析处理的存储帐户中存储的流日志数据为 10 GB,而 Log Analytics 工作区中引入的增强日志为 1 GB,则适用的费用是:10 x 23.405CNY + 1 x 23.4CNY = 257.45CNYFor example, as per the pricing plan, considering China East 2 region, if flow logs data stored in a storage account processed by Traffic Analytics is 10 GB and enhanced logs ingested in Log Analytics workspace is 1 GB then the applicable charges are: 10 x 23.405CNY + 1 x 23.4CNY = 257.45CNY

流量分析多久处理一次数据?How frequently does Traffic Analytics process data?

请参阅“流量分析架构和数据聚合”文档中的“数据聚合”部分Refer to the data aggregation section in Traffic Analytics Schema and Data Aggregation Document

流量分析如何确定 IP 是恶意 IP?How does Traffic Analytics decide that an IP is malicious?

流量分析依靠 Azure 内部威胁情报系统来确定某个 IP 是否为恶意 IP。Traffic Analytics relies on Azure internal threat intelligence systems to deem an IP as malicious. 这些系统利用各种遥测源,例如 Azure 产品和服务、Azure 的反数字犯罪部门 (DCU)、Microsoft 安全响应中心 (MSRC) 和外部馈送,并在此基础上构建大量情报。These systems leverage diverse telemetry sources like Azure products and services,the Azure Digital Crimes Unit (DCU), the Microsoft Security Response Center (MSRC), and external feeds and build a lot of intelligence on top of it. 其中一些数据是 Azure 内部数据。Some of this data is Azure Internal. 如果已知 IP 被标记为恶意 IP,请提出支持票证以了解详细信息。If a known IP is getting flagged as malicious, please raise a support ticket to know the details.

如何针对流量分析数据设置警报?How can I set alerts on Traffic Analytics data?

流量分析没有对警报的内置支持。Traffic Analytics does not have inbuilt support for alerts. 但是,由于流量分析数据存储在 Log Analytics 中,因此可以编写自定义查询并对其设置警报。However, since Traffic Analytics data is stored in Log Analytics you can write custom queries and set alerts on them. 步骤:Steps :

如何检查哪些 VM 接收的本地流量最多?How do I check which VMs are receiving most on-premises traffic?

AzureNetworkAnalytics_CL
| where SubType_s == "FlowLog" and FlowType_s == "S2S" 
| where <Scoping condition>
| mvexpand vm = pack_array(VM1_s, VM2_s) to typeof(string)
| where isnotempty(vm) 
| extend traffic = AllowedInFlows_d + DeniedInFlows_d + AllowedOutFlows_d + DeniedOutFlows_d // For bytes use: | extend traffic = InboundBytes_d + OutboundBytes_d 
| make-series TotalTraffic = sum(traffic) default = 0 on FlowStartTime_t from datetime(<time>) to datetime(<time>) step 1m by vm
| render timechart

对于 IP:For IPs:

AzureNetworkAnalytics_CL
| where SubType_s == "FlowLog" and FlowType_s == "S2S" 
//| where <Scoping condition>
| mvexpand IP = pack_array(SrcIP_s, DestIP_s) to typeof(string)
| where isnotempty(IP) 
| extend traffic = AllowedInFlows_d + DeniedInFlows_d + AllowedOutFlows_d + DeniedOutFlows_d // For bytes use: | extend traffic = InboundBytes_d + OutboundBytes_d 
| make-series TotalTraffic = sum(traffic) default = 0 on FlowStartTime_t from datetime(<time>) to datetime(<time>) step 1m by IP
| render timechart

对于时间,请使用格式:yyyy-mm-dd 00:00:00For time, use format : yyyy-mm-dd 00:00:00

如何查看 VM 从本地计算机接收的流量的标准偏差?How do I check standard deviation in traffic received by my VMs from on-premises machines?

AzureNetworkAnalytics_CL
| where SubType_s == "FlowLog" and FlowType_s == "S2S" 
//| where <Scoping condition>
| mvexpand vm = pack_array(VM1_s, VM2_s) to typeof(string)
| where isnotempty(vm) 
| extend traffic = AllowedInFlows_d + DeniedInFlows_d + AllowedOutFlows_d + DeniedOutFlows_d // For bytes use: | extend traffic = InboundBytes_d + utboundBytes_d
| summarize deviation = stdev(traffic)  by vm

对于 IP:For IPs:

AzureNetworkAnalytics_CL
| where SubType_s == "FlowLog" and FlowType_s == "S2S" 
//| where <Scoping condition>
| mvexpand IP = pack_array(SrcIP_s, DestIP_s) to typeof(string)
| where isnotempty(IP) 
| extend traffic = AllowedInFlows_d + DeniedInFlows_d + AllowedOutFlows_d + DeniedOutFlows_d // For bytes use: | extend traffic = InboundBytes_d + OutboundBytes_d
| summarize deviation = stdev(traffic)  by IP

如何使用 NSG 规则检查 IP 对之间哪些端口可以访问(或被阻止)?How do I check which ports are reachable (or blocked) between IP pairs with NSG rules?

AzureNetworkAnalytics_CL
| where SubType_s == "FlowLog" and TimeGenerated between (startTime .. endTime)
| extend sourceIPs = iif(isempty(SrcIP_s), split(SrcPublicIPs_s, " ") , pack_array(SrcIP_s)),
destIPs = iif(isempty(DestIP_s), split(DestPublicIPs_s," ") , pack_array(DestIP_s))
| mvexpand SourceIp = sourceIPs to typeof(string)
| mvexpand DestIp = destIPs to typeof(string)
| project SourceIp = tostring(split(SourceIp, "|")[0]), DestIp = tostring(split(DestIp, "|")[0]), NSGList_s, NSGRule_s, DestPort_d, L4Protocol_s, FlowStatus_s 
| summarize DestPorts= makeset(DestPort_d) by SourceIp, DestIp, NSGList_s, NSGRule_s, L4Protocol_s, FlowStatus_s

如何在地图视图中使用键盘导航?How can I navigate by using the keyboard in the geo map view?

地图页面包含两个主要部分:The geo map page contains two main sections:

  • 标题:地图顶部的标题提供用于选择流量分配筛选器(例如,“部署”、“来自国家/地区的流量”和“恶意”)的按钮。Banner: The banner at the top of the geo map provides buttons to select traffic distribution filters (for example, Deployment, Traffic from countries/regions, and Malicious). 选择某按钮时,将在地图上应用相应的筛选器。When you select a button, the respective filter is applied on the map. 例如,如果选择“活动”按钮,则地图会突出显示部署中的活动数据中心。For example, if you select the Active button, the map highlights the active datacenters in your deployment.
  • 地图:标题下的地图部分显示 Azure 数据中心和国家/地区之间的流量分配。Map: Below the banner, the map section shows traffic distribution among Azure datacenters and countries/regions.

标题中的键盘导航Keyboard navigation on the banner

  • 地图页面标题部分默认选择“Azure DC”筛选器。By default, the selection on the geo map page for the banner is the "Azure DCs" filter.
  • 若要移至另一个筛选器,请使用 TabRight arrow 键。To move to another filter, use either the Tab or the Right arrow key. 若要向后移动,请使用 Shift+TabLeft arrow 键。To move backward, use either the Shift+Tab or the Left arrow key. 向前导航是从左到右,然后是从上到下。Forward navigation is left to right, followed by top to bottom.
  • EnterDown 箭头键可应用选定的筛选器。Press Enter or the Down arrow key to apply the selected filter. 根据选择的筛选器和部署,将在下方的“地图”部分突出显示一个或多个节点。Based on filter selection and deployment, one or multiple nodes under the map section are highlighted.
  • 若要在“标题”与“地图”之间切换,请按 Ctrl+F6To switch between banner and map, press Ctrl+F6.

地图中的键盘导航Keyboard navigation on the map

  • 在标题中选择任一筛选器并按 Ctrl+F6 后,焦点将移至地图视图中某个突出显示的节点(“Azure 数据中心”或“国家/地区”) 。After you have selected any filter on the banner and pressed Ctrl+F6, focus moves to one of the highlighted nodes (Azure datacenter or Country/Region) in the map view.
  • 若要移至地图中其他突出显示的节点,请使用 TabRight arrow 键向前移动。To move to other highlighted nodes in the map, use either Tab or the Right arrow key for forward movement. 使用 Shift+TabLeft arrow 键向后移动。Use Shift+Tab or the Left arrow key for backward movement.
  • 若要在地图中选择突出显示的任一节点,可以使用 EnterDown arrow 键。To select any highlighted node in the map, use the Enter or Down arrow key.
  • 选择任一此类节点后,焦点会转移到节点的“信息工具框”。On selection of any such nodes, focus moves to the Information Tool Box for the node. 默认情况下,焦点会转移到“信息工具框”中的关闭按钮。By default, focus moves to the closed button on the Information Tool Box. 若要进一步在“框”视图中移动,可分别使用 Right arrowLeft arrow 键向前和向后移动。To further move inside the Box view, use Right arrow and Left arrow keys to move forward and backward, respectively. Enter 的效果与在“信息工具框”中选择聚焦的按钮相同。Pressing Enter has same effect as selecting the focused button in the Information Tool Box.
  • 当焦点位于“信息工具框”时,如果按 Tab,则焦点会移至选定节点所在的同一大洲中的终结点。When you press Tab while the focus is on the Information Tool Box, the focus moves to the end points in the same continent as the selected node. 使用 Right arrowLeft arrow 键可浏览这些终结点。Use the Right arrow and Left arrow keys to move through these endpoints.
  • 若要移至其他流终结点或大洲群集,请使用 Tab 向前移动,或使用 Shift+Tab 向后移动。To move to other flow endpoints or continent clusters, use Tab for forward movement and Shift+Tab for backward movement.
  • 焦点位于“大洲群集”时,可以使用 EnterDown 箭头键突出显示大洲群集中的终结点。When the focus is on Continent clusters, use the Enter or Down arrow keys to highlight the endpoints inside the continent cluster. 若要在大洲群集的信息框中浏览终结点和使用关闭按钮,可分别使用 Right arrowLeft arrow 键向前或向后移动。To move through endpoints and the close button on the information box of the continent cluster, use either the Right arrow or Left arrow key for forward and backward movement, respectively. 在任一终结点上,可以使用 Shift+L 切换到从选定节点到终结点的连接线。On any endpoint, you can use Shift+L to switch to the connection line from the selected node to the endpoint. 可以再次按 Shift+L 以移至所选终结点。You can press Shift+L again to move to the selected endpoint.

任何阶段的键盘导航Keyboard navigation at any stage

  • Esc 可折叠已展开的选定内容。Esc collapses the expanded selection.
  • Up-arrow 键可执行按 Esc 时所执行的相同操作。The Up-arrow key performs the same action as Esc. Down arrow 键可执行按 Enter 时所执行的相同操作。The Down arrow key performs the same action as Enter.
  • 使用 Shift+Plus 可以放大,使用 Shift+Minus 可以缩小。Use Shift+Plus to zoom in, and Shift+Minus to zoom out.

如何在虚拟网络拓扑视图中使用键盘导航?How can I navigate by using the keyboard in the virtual network topology view?

虚拟网络拓扑页面包含两个主要部分:The virtual networks topology page contains two main sections:

  • 标题:虚拟网络拓扑顶部标题提供用于选择流量分布筛选器(例如,“已连接的虚拟网络”、“已断开连接的虚拟网络”和“公共 IP”)的按钮。Banner: The banner at the top of the virtual networks topology provides buttons to select traffic distribution filters (for example, Connected virtual networks, Disconnected virtual networks, and Public IPs). 选择某按钮时,将在拓扑上应用相应的筛选器。When you select a button, the respective filter is applied on the topology. 例如,如果选择“活动”按钮,则拓扑会突出显示部署中的活动虚拟网络。For example, if you select the Active button, the topology highlights the active virtual networks in your deployment.
  • 拓扑:标题下的拓扑部分显示虚拟网络之间的流量分布。Topology: Below the banner, the topology section shows traffic distribution among virtual networks.

标题中的键盘导航Keyboard navigation on the banner

  • 虚拟网络拓扑页面标题部分默认选择“已连接的 VNet”筛选器。By default, the selection on the virtual networks topology page for the banner is the "Connected VNets" filter.
  • 若要移至另一个筛选器,请使用 Tab 键向前移动。To move to another filter, use the Tab key to move forward. 若要向后移动,请使用 Shift+Tab 键。To move backward, use the Shift+Tab key. 向前导航是从左到右,然后是从上到下。Forward navigation is left to right, followed by top to bottom.
  • Enter 可应用选定的筛选器。Press Enter to apply the selected filter. 根据选择的筛选器和部署,将在下方的“拓扑”部分突出显示一个或多个节点(虚拟网络)。Based on the filter selection and deployment, one or multiple nodes (virtual network) under the topology section are highlighted.
  • 若要在“标题”与“拓扑”之间切换,请按 Ctrl+F6To switch between the banner and the topology, press Ctrl+F6.

拓扑中的键盘导航Keyboard navigation on the topology

  • 在标题中选择任一筛选器并按 Ctrl+F6 后,焦点移至拓扑视图中某个突出显示的节点 (VNet)。After you have selected any filter on the banner and pressed Ctrl+F6, focus moves to one of the highlighted nodes (VNet) in the topology view.
  • 若要移至拓扑视图中其他突出显示的节点,请使用 Shift+Right arrow 键向前移动。To move to other highlighted nodes in the topology view, use the Shift+Right arrow key for forward movement.
  • 在突出显示的节点上,焦点会移至节点的“信息工具框”。On highlighted nodes, focus moves to the Information Tool Box for the node. 默认情况下,焦点会移至“信息工具框”中的“更多详细信息”按钮 。By default, focus moves to the More details button on the Information Tool Box. 若要进一步在“框”视图中移动,可分别使用 Right arrowLeft arrow 键向前和向后移动。To further move inside the Box view, use the Right arrow and Left arrow keys to move forward and backward, respectively. Enter 的效果与在“信息工具框”中选择聚焦的按钮相同。Pressing Enter has same effect as selecting the focused button in the Information Tool Box.
  • 选择任何此类节点时,可通过按 Shift+Left arrow 键逐个访问其所有连接。On selection of any such nodes, you can visit all its connections, one by one, by pressing the Shift+Left arrow key. 焦点将移至该连接的“信息工具框”。Focus moves to the Information Tool Box of that connection. 在任何时候,都可通过再次按 Shift+Right arrow,将焦点移回该节点。At any point, the focus can be shifted back to the node by pressing Shift+Right arrow again.

如何在子网拓扑视图中使用键盘导航?How can I navigate by using the keyboard in the subnet topology view?

虚拟子网拓扑页面包含两个主要部分:The virtual subnetworks topology page contains two main sections:

  • 标题:虚拟子网拓扑顶部的标题提供用于选择流量分布筛选器(例如“活动”、“中型”和“网关子网”)的按钮。Banner: The banner at the top of the virtual subnetworks topology provides buttons to select traffic distribution filters (for example, Active, Medium, and Gateway subnets). 选择某按钮时,将在拓扑上应用相应的筛选器。When you select a button, the respective filter is applied on the topology. 例如,如果选择“活动”按钮,则拓扑会突出显示部署中的活动虚拟子网。For example, if you select the Active button, the topology highlights the active virtual subnetwork in your deployment.
  • 拓扑:标题下的拓扑部分显示虚拟子网络之间的流量分布。Topology: Below the banner, the topology section shows traffic distribution among virtual subnetworks.

标题中的键盘导航Keyboard navigation on the banner

  • 虚拟子网拓扑页面标题部分默认选择“子网”筛选器。By default, the selection on the virtual subnetworks topology page for the banner is the "Subnets" filter.
  • 若要移至另一个筛选器,请使用 Tab 键向前移动。To move to another filter, use the Tab key to move forward. 若要向后移动,请使用 Shift+Tab 键。To move backward, use the Shift+Tab key. 向前导航是从左到右,然后是从上到下。Forward navigation is left to right, followed by top to bottom.
  • Enter 可应用选定的筛选器。Press Enter to apply the selected filter. 根据选择的筛选器和部署,将在“拓扑”部分下面突出显示一个或多个节点(子网)。Based on filter selection and deployment, one or multiple nodes (Subnet) under the topology section are highlighted.
  • 若要在“标题”与“拓扑”之间切换,请按 Ctrl+F6To switch between the banner and the topology, press Ctrl+F6.

拓扑中的键盘导航Keyboard navigation on the topology

  • 在标题中选择任一筛选器并按 Ctrl+F6 后,焦点移至拓扑视图中某个突出显示的节点(子网)。After you have selected any filter on the banner and pressed Ctrl+F6, focus moves to one of the highlighted nodes (Subnet) in the topology view.
  • 若要移至拓扑视图中其他突出显示的节点,请使用 Shift+Right arrow 键向前移动。To move to other highlighted nodes in the topology view, use the Shift+Right arrow key for forward movement.
  • 在突出显示的节点上,焦点会移至节点的“信息工具框”。On highlighted nodes, focus moves to the Information Tool Box for the node. 默认情况下,焦点会移至“信息工具框”中的“更多详细信息”按钮 。By default, focus moves to the More details button on the Information Tool Box. 若要进一步在“框”视图中移动,可分别使用 Right arrowLeft arrow 键向前和向后移动。To further move inside the Box view, use Right arrow and Left arrow keys to move forward and backward, respectively. Enter 的效果与在“信息工具框”中选择聚焦的按钮相同。Pressing Enter has same effect as selecting the focused button in the Information Tool Box.
  • 选择任何此类节点时,可通过按 Shift+Left arrow 键逐个访问其所有连接。On selection of any such nodes, you can visit all its connections, one by one, by pressing Shift+Left arrow key. 焦点将移至该连接的“信息工具框”。Focus moves to the Information Tool Box of that connection. 在任何时候,都可通过再次按 Shift+Right arrow,将焦点移回该节点。At any point, the focus can be shifted back to the node by pressing Shift+Right arrow again.