What is Azure Network Watcher Packet Capture good for?
Experience Level: Junior
Tags: Azure Network Watcher
Answer
Network Watcher variable packet capture allows you to create packet capture sessions to track traffic to and from a virtual machine. Packet capture helps to diagnose network anomalies both reactively and proactively. Other uses include gathering network statistics, gaining information on network intrusions, debugging client-server communications, and much more.
Packet capture is an extension that is remotely started through Network Watcher. This capability eases the burden of running a packet capture manually on the desired virtual machine or Virtual Machine Scale Sets instance(s), which saves valuable time. Packet capture can be triggered through the portal, PowerShell, CLI, or REST API. One example of how packet capture can be triggered is with Virtual Machine alerts. Filters are provided for the capture session to ensure you capture the traffic you want to monitor. Filters are based on 5-tuple (protocol, local IP address, remote IP address, local port, and remote port) information. The captured data is stored on the local disk or in a storage blob.
Packet capture requires the virtual machine extension AzureNetworkWatcherExtension.