![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 63%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMR%3C/text%3E%3C/svg%3E)
Azure Network Watcher
An Azure service that is used to monitor, diagnose, and gain insights into network performance and health.
161 questions
Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
Important thing to note : Flow logs aren't created for a for a RG, we can only create flow logs for an NSG
Here is the reference for Bicep Template for enabling NSG Flow logs: https://video2.skills-academy.com/en-us/azure/templates/microsoft.network/networkwatchers/flowlogs?pivots=deployment-language-bicep
- Now, a subscription will have only one Network Watcher for a specific region.
- And this resource will only belong to NetworkWatcherRG
- This is by design and we cannot change neither of them
- And you can only use this Network Watcher to enable flow logs (for that region).
Wrt, "And one more question is there any possible way to create multiple flow logs for the same RG with different Subnet address prefix"
- As I said, a flow log can be enabled for an NSG only
- flow logs for "the same RG with different Subnet address prefix" doesn't really make any sense
- If your intention is to create flow logs for the NSGs associated to various subnets in a RG, yes it can be done
- Please note, this will be created as different flow logs
- A single flow log will only log packet details from a single NSG
To provide more context,
- A flow log of a NSG is a sub resource of a Networker Watcher of that region.
- This means, you can have multiple NSG Flow logs in a single Network Watcher (of same region)
- RG doesn't add any value or restriction here.
- As in your case,
- If you have multiple NSGs in your RG and want to create NSG Flow logs for them, you can very much do so
- If all those NSGs are in same region, their corresponding flow logs will belong to the Network Watcher of that Region
- If those NSGs are in different region(s), their corresponding flow logs will belong to the particular Network Watcher of that particular Region
- If all those NSGs are in same region, their corresponding flow logs will belong to the Network Watcher of that Region
- If you have multiple NSGs in your RG and want to create NSG Flow logs for them, you can very much do so
Thanks,
Kapil
Please Accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer.
