Network Security Group Flow Log retention period should be 'greater than 90 days'


To ensure sufficient data retention, it is recommended to set the retention period for your Network Security Group Flow Logs to a minimum of 90 days. By default, the flow logs for Network Security Groups are disabled, so it is essential to enable them to capture information about IP traffic. The logs provide valuable insights into any anomalies or potential breaches, helping you in monitoring and securing your network. However, it is important to consider that increasing the data retention period may lead to higher monthly storage costs based on your data usage.


From the console

  1. Go to Network Watcher and select NSG flow logs blade in the Logs section.
  2. Select each Network Security Group from the list.
  3. Ensure Status is set to On.
  4. Ensure Retention (days) setting is greater than 90 days.
  5. Select your storage account in the Storage account field.