我在将 nsg 流日志传输到不同订阅中的存储帐户时收到“错误请求”错误。使用相同订阅的存储帐户时,我的脚本运行良好。
$workspaceResourceId = "/subscriptions/xxxxxxxxxxxxxxxxxxxxxxxx/resourcegroups/rg-log-mgmt-prd-westeurope-01/providers/microsoft.operationalinsights/workspaces/nbsapucscoms"
$workspaceGUID = "xxxxxxxxxxxxxxxxxx"
$workspaceLocation = "westeurope"
$n = Get-AzureRmNetworkSecurityGroup -ResourceGroupName rg-8kmiles-dfi-westeurope-01 -Name apitst-nsg
$NwName = 'NetworkWatcher_' + $n.Location
$NW = Get-AzureRmNetworkWatcher -ResourceGroupName NetworkWatcherRg -Name $NwName
#enter the storage account details.
$storageAccount="/subscriptions/xxxxxxxxxxxxxxx/resourceGroups/rg-log-mgmt-prd-westeurope-01/providers/Microsoft.Storage/storageAccounts/nvsswelogmgmt001"
$flowLogStatus=Get-AzureRmNetworkWatcherFlowLogStatus -NetworkWatcher $NW -TargetResourceId $n.Id
if($false -eq $flowLogStatus.Enabled){
#Configure Version 2 FLow Logs with Traffic Analytics Configured
Set-AzureRmNetworkWatcherConfigFlowLog -NetworkWatcher $NW -TargetResourceId $n.Id `
-StorageAccountId $storageAccount -EnableFlowLog $true -EnableTrafficAnalytics `
-WorkspaceResourceId $workspaceResourceId -WorkspaceGUID $workspaceGUID `
-WorkspaceLocation $workspaceLocation -EnableRetention $true -RetentionInDays 365
#Query Flow Log Status
$flowLogStatus=Get-AzureRmNetworkWatcherFlowLogStatus -NetworkWatcher $NW -TargetResourceId $n.Id
write-verbose "$($n.Name) Nsg Flow Log Enabled : $($flowLogStatus.Enabled)" -verbose
}
我得到的错误是这个
Set-AzureRmNetworkWatcherConfigFlowLog : Operation returned an invalid status
code 'BadRequest'
At C:\Users\singhniu\Desktop\Pipeline\TestNsgFlowLog.ps1:22 char:5
+ Set-AzureRmNetworkWatcherConfigFlowLog -NetworkWatcher $NW -Targe ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Set-AzureRmNetworkWatcherConfig
FlowLog], ErrorResponseException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Network.SetAzureNetwork
WatcherConfigFlowLogCommand