az network network-watcher packet-capture
These commands require that both Azure Network Watcher is enabled for the VMs region and that AzureNetworkWatcherExtension is enabled on the VM.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az network network-watcher packet-capture create |
Create and start a packet capture on the specified VM. |
Core | GA |
| az network network-watcher packet-capture delete |
Delete the specified packet capture session. |
Core | GA |
| az network network-watcher packet-capture list |
List all packet capture sessions within the specified resource group. |
Core | GA |
| az network network-watcher packet-capture query-status |
Query the status of a running packet capture session. |
Core | GA |
| az network network-watcher packet-capture show |
Get a packet capture session by name. |
Core | GA |
| az network network-watcher packet-capture stop |
Stops a specified packet capture session. |
Core | GA |
az network network-watcher packet-capture create
Create and start a packet capture on the specified VM.
az network network-watcher packet-capture create --name --packet-capture-name
--network-watcher-name
--resource-group
--storage-location
--target
[--bytes-to-capture --bytes-to-capture-per-packet]
[--capture-settings]
[--continuous-capture {0, 1, f, false, n, no, t, true, y, yes}]
[--filters]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--scope]
[--target-type {AzureVM, AzureVMSS}]
[--time-limit-in-seconds]
[--total-bytes --total-bytes-per-session]Examples
Create and start a packet capture
az network network-watcher packet-capture create --network-watcher-name "NetworkWatcher_eastus2euap" --packet-capture-name "clitestpcap" --resource-group "NetworkWatcherRG" --storage-location '{"storageId": "/subscriptions//resourceGroups//providers/Microsoft.Storage/storageAccounts/", "filePath": "C:\Captures estByCli.cap"}' --target "/subscriptions/*****/resourceGroups//providers/Microsoft.Compute/virtualMachines/testVmName"Required Parameters
The name of the packet capture session.
The name of the network watcher.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The storage location for a packet capture session. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
The ID of the targeted resource, only AzureVM and AzureVMSS as target type are currently supported.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Number of bytes captured per packet, the remaining bytes are truncated.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Default value: | 0 |
The capture setting holds the 'FileCount', 'FileSizeInBytes', 'SessionTimeLimitInSeconds' values. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
This continuous capture is a nullable boolean, which can hold 'null', 'true' or 'false' value. If we do not pass this parameter, it would be consider as 'null', default value is 'null'.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
A list of packet capture filters. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
A list of AzureVMSS instances which can be included or excluded to run packet capture. If both included and excluded are empty, then the packet capture will run on all instances of AzureVMSS. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Target type of the resource provided.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
| Accepted values: | AzureVM, AzureVMSS |
Maximum duration of the capture session in seconds.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Maximum size of the capture output.
| Property | Value |
|---|---|
| Parameter group: | Properties Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network network-watcher packet-capture delete
Delete the specified packet capture session.
az network network-watcher packet-capture delete [--ids]
[--name --packet-capture-name]
[--network-watcher-name]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--resource-group]
[--subscription]
[--yes]Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the packet capture session.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the network watcher.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Do not prompt for confirmation.
| Property | Value |
|---|---|
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network network-watcher packet-capture list
List all packet capture sessions within the specified resource group.
az network network-watcher packet-capture list --network-watcher-name
--resource-groupRequired Parameters
The name of the Network Watcher resource.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network network-watcher packet-capture query-status
Query the status of a running packet capture session.
az network network-watcher packet-capture query-status [--ids]
[--network-watcher-name]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--packet-capture-name]
[--resource-group]
[--subscription]Examples
Query a status of packet capture
az network network-watcher packet-capture query-status --network-watcher-name "NetworkWatcher_eastus2euap" --packet-capture-name "clitestpacp3" --resource-group "NetworkWatcherRG"Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the Network Watcher resource.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
The name given to the packet capture session.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network network-watcher packet-capture show
Get a packet capture session by name.
az network network-watcher packet-capture show [--ids]
[--name --packet-capture-name]
[--network-watcher-name]
[--resource-group]
[--subscription]Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the packet capture session.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the network watcher.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az network network-watcher packet-capture stop
Stops a specified packet capture session.
az network network-watcher packet-capture stop [--ids]
[--network-watcher-name]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--packet-capture-name]
[--resource-group]
[--subscription]Examples
Stop a packet capture
az network network-watcher packet-capture stop --network-watcher-name "NetworkWatcher_eastus2euap" --packet-capture-name "clitestpacp3" --resource-group "NetworkWatcherRG"Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the network watcher.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
The name of the packet capture session.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
