Hi @Heman ,
I could find this built-in policy which helps to deploy network watcher when virtual networks are created. I believe you may re-use this policy to create a custom policy by changing virtual network resource type in policyRule section to virtual machine resource type and see if it works.
Other related references:
- This is another such built-in policy which helps to enable network watcher
- Built-in policies
- Create custom policy definition
- Azure Policy Samples