Network Watcher
Azure Network Watcher is a network monitoring solution that provides tools to diagnose, monitor, and view metrics and logging for resources in an Azure virtual network. This includes application gateway traffic, load balancers, and ExpressRoute circuits.
Azure Network Watcher offers the following capabilities:
- Monitoring
- Network diagnostics
- Metrics
- Logs
- Tools for troubleshooting connection problems
Network Watcher will be automatically enabled when a new virtual network is created or updated. There is no extra charge for enabling Network Watcher inside a subscription.
Top Tip
To make use of Network Watcher, you will require the appropriate role-based access control (RBAC) role permissions, such as Contributor, Owner, or Network Contributor.
Monitoring
Monitoring provides several tools for monitoring your network traffic and for gaining visibility into your Azure Virtual Network (VNet) resources and how they communicate with each other. The following figure depicts the tools available under the Monitoring context in the Network Watcher blade:

Figure 18.1 – Network Watcher, Monitoring
We describe each of these tools in more detail in the following subsections.
Topology
The Topology tool enables you to visually understand the interconnections between resources and how they are configured to communicate with each other within a VNet. This can be a great high-level overview of the VNet you are working with.
Connection monitor
This is a cloud-based hybrid network monitoring solution that can monitor the communication between virtual machines (VMs) and endpoints. An endpoint can be another VM, a URL, an IPv4 or IPv6 address, or a fully qualified domain name (FQDN). The network communication is monitored at regular intervals and information about latency, network topology changes, and the reachability between a VM and the endpoint is collected. If an endpoint becomes unreachable, Network Watcher will inform the user about the error. The reason for this can be a problem with the memory or CPU of a VM, a security rule for the VM, or the hop type of a custom route.
Network Performance Monitor
Network Performance Monitor (NPM) is a hybrid network monitoring solution. It can monitor network connectivity for on-premises and cloud networks, and between various points in your network infrastructure. It can detect issues such as routing errors and blackholing. The monitoring solution is stored inside Azure Log Analytics.
NPM can create alerts and notifications when network performance errors appear, and it can localize the source of the problem to a specific network device or segment.
It offers the following capabilities:
- Performance monitor: A performance monitor can monitor the network connectivity across cloud deployments and on-premises locations. It can also monitor connectivity between multiple data centers, branch offices, multi-tier applications, and microservices.
- Service connectivity monitor: You can identify the network bottlenecks inside the network infrastructure and detect the exact locations of the issues in the network. You can also monitor connectivity between users and services.
- ExpressRoute monitor: You can monitor the ExpressRoute connection between the on-premises locations and Azure.
Latency problems are also monitored. The connection monitor will provide the average, minimum, and maximum latency observed over time. The monitoring solution is capable of monitoring network performance between various points in the network infrastructure and it can generate alerts and notifications.
As of July 1, 2021, this has been considered a legacy service; you can no longer add new tests to an existing workspace, nor can you create new workspaces in NPM. You should now use the new Azure Connection Monitor instead and are advised to migrate any tests you had configured in NPM to Azure Connection Monitor.