You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/network-watcher/packet-capture-overview.md
+32Lines changed: 32 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -36,6 +36,38 @@ To control the size of captured data, use the following options:
36
36
|**Maximum bytes per session (bytes)**| Total number of bytes that are captured, once the value is reached the session ends. |
37
37
|**Time limit (seconds)**| Packet capture session time limit, once the value is reached the session ends. The default value is 18000 seconds (5 hours). |
38
38
39
+
## Continuous Packet Capture (Preview)
40
+
41
+
> [!NOTE]
42
+
> This feature is currently in public preview. Functionality and limitations may change before general availability.
43
+
44
+
Continuous packet capture allows you to persistently monitor network traffic using a ring buffer–based mechanism. Unlike standard packet captures that stop after reaching a specific time or file size, continuous capture is designed to run over extended durations, making it ideal for diagnosing intermittent or long-tail issues. Currently, you can configure continuous packet capture using the [Azure Portal](/network-watcher/packet-capture-manage?tabs=portal#start-a-packet-capture)
45
+
46
+
### How It Works
47
+
When continuous packet capture is enabled:
48
+
49
+
- Captured packets are written to a rotating set of files on the target VM’s local storage or storage account.
50
+
51
+
- You can configure the maximum number of files and the size of each file.
52
+
53
+
- Once the file count limit is reached, the oldest file is automatically deleted to allow space for new packets, maintaining a continuous stream of recent data.
54
+
55
+
- The capture runs for the user-specified time duration, or a maximum of 7 days, whichever is earlier.
56
+
57
+
This ring buffer–style storage helps reduce manual intervention and avoid excessive storage consumption while ensuring that recent traffic is always available for review.
58
+
59
+
### Considerations
60
+
61
+
- Continuous capture is available only for supported VM and VMSS SKUs and regions.
62
+
63
+
- Ensure the target VM has sufficient space, or the connected storage account has appropriate quota to accommodate capture data.
64
+
65
+
- Captures with high packet volumes may generate large data sizes quickly. Choose file size and count accordingly to manage buffer length and retention.
66
+
67
+
- When using filters, ensure that relevant ports, IPs, and protocols are captured to optimize storage and analysis.
68
+
69
+
For step-by-step guidance, see [Manage packet captures](/azure/network-watcher/packet-capture-manage)
70
+
39
71
## Filtering (optional)
40
72
41
73
Use filters to capture only the traffic that you want to monitor. Filters are based on 5-tuple (protocol, local IP address, remote IP address, local port, and remote port) information:
0 commit comments