< Back
New-AzureRmPacketCaptureFilterConfig
Post
NAME New-AzureRmPacketCaptureFilterConfig
SYNOPSIS
Creates a new packet capture filter object.
SYNTAX
New-AzureRmPacketCaptureFilterConfig [-DefaultProfile <IAzureContextContainer>] [-LocalIPAddress <String>] [-LocalPort <String>] [-Protocol
<String>] [-RemoteIPAddress <String>] [-RemotePort <String>] [<CommonParameters>]
DESCRIPTION
The New-AzureRmPacketCaptureFilterConfig cmdlet creates a new packet capture filter object. This object is used to restrict the type of packets
that are captured during a packet capture session using the specified criteria. The New-AzureRmNetworkWatcherPacketCapture cmdlet can accept
multiple filter objects to enable composable capture sessions.
PARAMETERS
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure.
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-LocalIPAddress <String>
Specifies the Local IP Address to filter on. Example inputs: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range.
"127.0.0.1;127.0.0.5;" for multiple entries.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-LocalPort <String>
Specifies the Local IP Address to filter on. Example inputs: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range.
"127.0.0.1;127.0.0.5;" for multiple entries.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Protocol <String>
Specifies the Procotol to filter on. Acceptable values "TCP","UDP","Any"
Required? false
Position? named
Default value None
Accept pipeline input? True (ByValue)
Accept wildcard characters? false
-RemoteIPAddress <String>
Specifies the remote IP address to filter on. Example inputs: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range.
"127.0.0.1;127.0.0.5;" for multiple entries.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-RemotePort <String>
Specifies the Remote Port to filter on. Remote port Example inputs: "80" for single port entry. "80-85" for range. "80;443;" for multiple
entries.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
System.String
OUTPUTS
Microsoft.Azure.Commands.Network.Models.PSPacketCaptureFilter
NOTES
Keywords: azure, azurerm, arm, resource, management, manager, network, networking, watcher, packet, capture, traffic, filter
--- Example 1: Create a Packet Capture with multiple filters ---
$nw = Get-AzurermResource | Where {$_.ResourceType -eq "Microsoft.Network/networkWatchers" -and $_.Location -eq "WestCentralUS" }
$networkWatcher = Get-AzureRmNetworkWatcher -Name $nw.Name -ResourceGroupName $nw.ResourceGroupName
$storageAccount = Get-AzureRmStorageAccount -ResourceGroupName contosoResourceGroup -Name contosostorage123
$filter1 = New-AzureRmPacketCaptureFilterConfig -Protocol TCP -RemoteIPAddress "1.1.1.1-255.255.255" -LocalIPAddress "10.0.0.3" -LocalPort
"1-65535" -RemotePort "20;80;443"
$filter2 = New-AzureRmPacketCaptureFilterConfig -Protocol UDP
New-AzureRmNetworkWatcherPacketCapture -NetworkWatcher $networkWatcher -TargetVirtualMachineId $vm.Id -PacketCaptureName "PacketCaptureTest"
-StorageAccountId $storageAccount.id -TimeLimitInSeconds 60 -Filters $filter1, $filter2
In this example we create a packet capture named "PacketCaptureTest" with multiple filters and a time limit. Once the session is complete, it will
be saved to the specified storage account.
Note: The Azure Network Watcher extension must be installed on the target virtual machine to create packet captures.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... lterconfig
New-AzureRmNetworkWatcherPacketCapture
Get-AzureRmNetworkWatcherPacketCapture
Remove-AzureRmNetworkWatcherPacketCapture
Stop-AzureRmNetworkWatcherPacketCapture
New-AzureRmNetworkWatcher
Get-AzureRmNetworkWatcher
Remove-AzureRmNetworkWatcher
Test-AzureRmNetworkWatcherIPFlow
Get-AzureRmNetworkWatcherNextHop
Get-AzureRmNetworkWatcherSecurityGroupView
Get-AzureRmNetworkWatcherTopology
Start-AzureRmNetworkWatcherResourceTroubleshooting
SYNOPSIS
Creates a new packet capture filter object.
SYNTAX
New-AzureRmPacketCaptureFilterConfig [-DefaultProfile <IAzureContextContainer>] [-LocalIPAddress <String>] [-LocalPort <String>] [-Protocol
<String>] [-RemoteIPAddress <String>] [-RemotePort <String>] [<CommonParameters>]
DESCRIPTION
The New-AzureRmPacketCaptureFilterConfig cmdlet creates a new packet capture filter object. This object is used to restrict the type of packets
that are captured during a packet capture session using the specified criteria. The New-AzureRmNetworkWatcherPacketCapture cmdlet can accept
multiple filter objects to enable composable capture sessions.
PARAMETERS
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure.
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-LocalIPAddress <String>
Specifies the Local IP Address to filter on. Example inputs: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range.
"127.0.0.1;127.0.0.5;" for multiple entries.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-LocalPort <String>
Specifies the Local IP Address to filter on. Example inputs: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range.
"127.0.0.1;127.0.0.5;" for multiple entries.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Protocol <String>
Specifies the Procotol to filter on. Acceptable values "TCP","UDP","Any"
Required? false
Position? named
Default value None
Accept pipeline input? True (ByValue)
Accept wildcard characters? false
-RemoteIPAddress <String>
Specifies the remote IP address to filter on. Example inputs: "127.0.0.1" for single address entry. "127.0.0.1-127.0.0.255" for range.
"127.0.0.1;127.0.0.5;" for multiple entries.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-RemotePort <String>
Specifies the Remote Port to filter on. Remote port Example inputs: "80" for single port entry. "80-85" for range. "80;443;" for multiple
entries.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
System.String
OUTPUTS
Microsoft.Azure.Commands.Network.Models.PSPacketCaptureFilter
NOTES
Keywords: azure, azurerm, arm, resource, management, manager, network, networking, watcher, packet, capture, traffic, filter
--- Example 1: Create a Packet Capture with multiple filters ---
$nw = Get-AzurermResource | Where {$_.ResourceType -eq "Microsoft.Network/networkWatchers" -and $_.Location -eq "WestCentralUS" }
$networkWatcher = Get-AzureRmNetworkWatcher -Name $nw.Name -ResourceGroupName $nw.ResourceGroupName
$storageAccount = Get-AzureRmStorageAccount -ResourceGroupName contosoResourceGroup -Name contosostorage123
$filter1 = New-AzureRmPacketCaptureFilterConfig -Protocol TCP -RemoteIPAddress "1.1.1.1-255.255.255" -LocalIPAddress "10.0.0.3" -LocalPort
"1-65535" -RemotePort "20;80;443"
$filter2 = New-AzureRmPacketCaptureFilterConfig -Protocol UDP
New-AzureRmNetworkWatcherPacketCapture -NetworkWatcher $networkWatcher -TargetVirtualMachineId $vm.Id -PacketCaptureName "PacketCaptureTest"
-StorageAccountId $storageAccount.id -TimeLimitInSeconds 60 -Filters $filter1, $filter2
In this example we create a packet capture named "PacketCaptureTest" with multiple filters and a time limit. Once the session is complete, it will
be saved to the specified storage account.
Note: The Azure Network Watcher extension must be installed on the target virtual machine to create packet captures.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... lterconfig
New-AzureRmNetworkWatcherPacketCapture
Get-AzureRmNetworkWatcherPacketCapture
Remove-AzureRmNetworkWatcherPacketCapture
Stop-AzureRmNetworkWatcherPacketCapture
New-AzureRmNetworkWatcher
Get-AzureRmNetworkWatcher
Remove-AzureRmNetworkWatcher
Test-AzureRmNetworkWatcherIPFlow
Get-AzureRmNetworkWatcherNextHop
Get-AzureRmNetworkWatcherSecurityGroupView
Get-AzureRmNetworkWatcherTopology
Start-AzureRmNetworkWatcherResourceTroubleshooting