Docs

Getting started

Suggest Edits

Netography Fusion ingests VNet flow logs from Microsoft Azure via a storage account.

Each page in these instructions will walk you through the steps to integrate Azure with Netography Fusion using the az CLI:

  • Set your working subscription
  • Register Microsoft Insights Provider
  • Create a storage account
  • Create a flow log
  • Add Azure as a new flow source in Netography Fusion




If you previously chose to opt out of Network Watcher automatic enablement, you must manually enable Network Watcher in each region.

See: Enable or Disable Azure Network Watcher


If Azure Policy is in use, you may be restricted from performing these steps.

A RequestDisallowedByPolicy error means the Global Administrator role is being overridden by Azure Policy.

See: Resolve errors for request disallowed by policy


You'll need access to the Azure subscription(s) containing your Virtual Network(s) to be added to Netography Fusion with an Owner or Contributor role, or a custom role with the specific permissions required for each step:

  • /register/action operation permissions to register Microsoft Insights provider is included in the Owner and Contributor roles.
  • Microsoft.Network/networkWatchers/configureFlowLog/action permission is included in the Owner, Contributor, and Network Contributor roles .
  • Microsoft.Storage/storageAccounts/* permission is included in the Owner, Contributor, and Storage account contributor roles.
  • /register/action operation permissions is included in the Owner and Contributor roles.

Updated 3 months ago