To enable the Network Security Group (NSG) flow data collection in VMware Aria Operations for Networks, you must enable the NSG flow log in your Azure environment.
The procedure and task related to Azure are documented in
https://docs.microsoft.com/en-us/azure/network-watcher/.
Procedure
- Enable network watcher in your Azure environment. For more information, see tutorials on Log VM network traffic in Azure Network Watcher Documentation.
- Register insights provider in your Azure environment. For more information, see tutorials on Log VM network traffic in Azure Network Watcher Documentation.
- Enable NSG flow log in your Azure environment. For more information, see tutorials on Log VM network traffic in Azure Network Watcher Documentation.
- In the Microsoft Azure portal, Click .
- Select the container in which you are storing the flow logs, then click Change access level and select one of the following options as per your requirement:
- Private (no anonymous access)
- Blob (anonymous read access for blobs only)
- Container (anonymous read access for container and blobs).
You must do this step for all the container in which you are storing the flow logs.