Azure Network Watcher overview

What is Azure Network Watcher?

Azure Network Watcher provides tools to monitor, diagnose, and gain insights into the performance of your Azure network resources. You can enable or disable Network Watcher for regions, and for specific virtual machines. When enabled, Network Watcher allows you to monitor and diagnose network configuration issues for virtual machines and network designs.

Network Watcher offers a comprehensive suite of tools, including:

  • Connection Troubleshoot: Diagnose connectivity issues between virtual machines and endpoints.

  • IP Flow Verify: Verify if traffic is allowed or denied to or from a virtual machine.

  • Network Security Group (NSG) Flow Logs: Analyze network traffic on NSGs.

  • Connection Monitor: Monitor connectivity and performance between a pair of endpoints.

  • Next Hop: Determine the next hop for traffic from a virtual machine.

  • Security Group View: View the effective security rules applied to a virtual machine.

  • Packet Capture: Capture network traffic to and from a virtual machine.

  • Topology: Visualize your Azure network topology.

  • Resource Health: View the health of your network resources.

Key Capabilities

Network Watcher enables you to:

  • Monitor network performance and health.
  • Diagnose network connectivity issues proactively and reactively.
  • Gain visibility into network traffic flows.
  • Troubleshoot configuration problems quickly.
  • Visualize your network topology for better understanding.

How to use Network Watcher

Network Watcher can be accessed and managed through the Azure portal, Azure CLI, Azure PowerShell, and REST APIs.

Enabling Network Watcher

Network Watcher is enabled at the region level. You can enable Network Watcher for a specific region in the Azure portal:

  1. Navigate to the Azure portal.
  2. Search for "Network Watcher".
  3. In the Network Watcher overview page, select the desired region.
  4. Click "Enable Network Watcher".

Once enabled for a region, Network Watcher is available for all subscriptions in that region. You can then enable specific features like Packet Capture or Connection Monitor for individual resources.

Using Network Watcher Tools

Each tool within Network Watcher is designed to help with specific aspects of network monitoring and diagnostics. For example:

Packet Capture: Allows you to capture network packets flowing to and from a virtual machine. This is invaluable for deep-dive troubleshooting of application-level connectivity issues.

# Example using Azure CLI. The Network Watcher instance is resolved from the VM's region.
# On Linux VMs --file-path must start with /var/captures; --time-limit is in seconds.
az network watcher packet-capture create --name MyPacketCapture --resource-group MyResourceGroup --vm MyVM \
  --file-path /var/captures/capture.cap --capture-size 102400 --time-limit 300

Connection Monitor: Helps you monitor the reachability and latency of network paths between endpoints in Azure. You can configure connection monitors to periodically test connectivity and alert you to issues.
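
For the NSG Flow Logs tool listed earlier, the following added example (not part of the original page) parses flow log JSON and counts denied inbound flows per source address, with the destination ports each source tried. It assumes the version 2 flow log layout; the sample records, IP addresses, MAC address and rule names are constructed.

```python
import json
from collections import Counter

# Constructed sample in the version 2 NSG flow log layout (not real traffic).
# Tuple fields: time,srcIP,dstIP,srcPort,dstPort,proto,direction,decision,state,
# then packet/byte counters in each direction (empty while the state is B).
SAMPLE_LOG = json.dumps({"records": [{
    "time": "2024-01-01T00:00:00Z",
    "properties": {"Version": 2, "flows": [
        {"rule": "DefaultRule_DenyAllInBound", "flows": [{
            "mac": "000D3AF87856", "flowTuples": [
                "1704067200,203.0.113.7,10.0.0.4,50122,22,T,I,D,B,,,,",
                "1704067201,203.0.113.7,10.0.0.4,50123,3389,T,I,D,B,,,,",
                "1704067205,198.51.100.9,10.0.0.4,40000,22,T,I,D,B,,,,"]}]},
        {"rule": "UserRule_AllowHttps", "flows": [{
            "mac": "000D3AF87856", "flowTuples": [
                "1704067210,192.0.2.15,10.0.0.4,51000,443,T,I,A,B,,,,",
                "1704067270,192.0.2.15,10.0.0.4,51000,443,T,I,A,E,12,3400,10,9800"]}]},
    ]}}]})

FIELDS = ("time", "src_ip", "dst_ip", "src_port", "dst_port", "proto",
          "direction", "decision", "state", "pkts_s2d", "bytes_s2d",
          "pkts_d2s", "bytes_d2s")

def iter_flows(log_text):
    """Yield one dict per flow tuple, tagged with the NSG rule that matched."""
    for record in json.loads(log_text).get("records", []):
        for rule_group in record.get("properties", {}).get("flows", []):
            for per_mac in rule_group.get("flows", []):
                for raw in per_mac.get("flowTuples", []):
                    parts = raw.split(",")
                    if len(parts) < 8:  # version 1 tuples have 8 fields; skip damaged ones
                        continue
                    flow = dict(zip(FIELDS, parts + [""] * (len(FIELDS) - len(parts))))
                    flow["rule"] = rule_group.get("rule", "")
                    yield flow

def denied_inbound_by_source(log_text):
    """Return (source IP, denied flow count, sorted destination ports), busiest first."""
    counts, ports = Counter(), {}
    for f in iter_flows(log_text):
        if f["direction"] == "I" and f["decision"] == "D":
            counts[f["src_ip"]] += 1
            ports.setdefault(f["src_ip"], set()).add(int(f["dst_port"]))
    return [(ip, n, sorted(ports[ip])) for ip, n in counts.most_common()]

if __name__ == "__main__":
    for ip, n, dports in denied_inbound_by_source(SAMPLE_LOG):
        print(f"{ip}: {n} denied inbound flows, ports {dports}")
```
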

Benefits of using Network Watcher

  • Reduced Downtime: Proactively identify and resolve network issues before they impact users.
  • Faster Troubleshooting: Quickly diagnose and pinpoint the root cause of network problems.
  • Improved Performance: Monitor and optimize network performance for your applications.
  • Enhanced Security Visibility: Understand network traffic patterns and security rule effectiveness.
  • Centralized Monitoring: Manage and monitor your entire Azure network from a single pane of glass.