撤消网络安全组中的更改
是否可以审核和/或还原对网络安全组所做的更改?
Is it possible to audit, and/ror revert changes, that has been made to a network security group?
说一位顾问意外删除了一个未记录的防火墙规则,该规则是compex(由许多ip等组成).
Say an consultant accidentally deletes a undocumented firewall rule which is compex (consist of many ip etc.)
不幸的是,它无法直接还原对网络安全组规则的任何更改.但是,您可以审核对其所做的任何更改,例如创建或删除Network Security Group规则的时间.为了查看这些日志, 您首先需要在门户中启用诊断日志记录.这是从网络安全组的诊断日志"部分下完成的.
Unfortunately, it is not possible to revert any changes made to a Network Security Group rule directly. However, you can audit any changes which were made to it, such as when a Network Security Group rule was created or deleted. In order to view these logs, you will first need to enable Diagnostic Logging in the Portal. This is done from your Network Security Group under the Diagnostics logs section.
我们有此指南其中显示了具体步骤,以在需要时提供更详细的说明.
为网络安全组启用诊断日志记录后,您可以查看过去创建的任何规则的详细信息,即使以后将其删除也是如此.日志可以存档到存储帐户,流式传输到事件中心或发送到日志
分析
We have this guide which shows the specific steps for more detailed instructions if you need them.
Once diagnostic logging has been enabled for the Network Security Group, you can view details for any rules that were created in the past even if they are later deleted. Logs can be archived to a storage account, streamed to an event hub or sent to Log
Analytics
如果此答案有帮助,请单击标记为答案"或投票.要提供有关您的论坛体验的其他反馈,请单击 此处
If this answer was helpful, click "Mark as Answer" or Up-Vote. To provide additional feedback on your forum experience, click Here