Resource Type: Azure > Network Watcher > Flow Log
The Flow Log resource type is a network traffic log that can be used to monitor and diagnose conditions at a granular level in, to, and from a network security group within Azure.
Resource Context
Flow Log is a part of the Network Watcher service.
Each Flow Log lives under a Network Watcher.
Controls
The primary controls for Azure > Network Watcher > Flow Log are:
It is also targeted by these controls:
- Azure > CIS v1 > 6 Networking > 6.04 Ensure that Network Security Group Flow Log retention period is 'greater than 90 days' (Scored)
- Azure > CIS v2.0 > 05 - Logging and Monitoring > 5.01 - Configuring Diagnostic Settings > 5.01.06 - Ensure that Network Security Group Flow logs are captured and sent to Log Analytics
- Azure > CIS v2.0 > 06 - Networking > 6.05 - Ensure that Network Security Group Flow Log retention period is 'greater than 90 days'
Category
In Your Workspace
- Controls by Resource Type report
- Policy Settings by Resource Type report
- Resources by Resource Type report
Developers
- tmod:@turbot/azure-networkwatcher#/resource/types/flowLog
- tmod:@turbot/turbot#/resource/categories/networking
- turbot graphql resource --id "tmod:@turbot/azure-networkwatcher#/resource/types/flowLog"
Get Resource- select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/azure-networkwatcher#/resource/types/flowLog';
- select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/azure-networkwatcher#/resource/types/flowLog"';
- select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/azure-networkwatcher#/resource/types/flowLog' and notification_type in ('resource_updated', 'resource_created');
Get ResourceGet Policy Settings (By Resource ID)Get Resource Notification
Resource Type URI
Category URI
GraphQL
CLI
Steampipe Query