An Azure Resource Manager (ARM) PowerShell script to automate the process of generating and downloading VPN gateway diagnostic logs.
This script does not require you to modify values for any variables. All variables are auto populated by using the PowerShell Out-GridView function.
When running the script, you will be prompted to enter your credentials twice as this script requires you to authenticate to both ARM and classic Azure PowerShell API
# Login to Azure ARM Login-AzureRmAccount # Select Subscription $subId = (Get-AzureRmSubscription | Out-GridView -Title "Select a Subscription" -PassThru).SubscriptionId Select-AzureRmSubscription -SubscriptionId $subId # Select Resource Group $rg = (Get-AzureRmResourceGroup | Out-GridView -Title "Select the Resource Group VPN Gateway belongs to" -PassThru).ResourceGroupName # Select vNet Gateway $gateway = (Get-AzureRmVirtualNetworkGateway -ResourceGroupName $rg | Out-GridView -Title "Select vNet Gateway" -PassThru).Name # Select Storage Account place the logs in $sa = Get-AzureRmStorageAccount | Out-GridView -Title "Select Storage Account in the same region" -PassThru $saName = $sa.StorageAccountName $saRG = $sa.ResourceGroupName $saKey = (Get-AzureRmStorageAccountKey -Name $saName -ResourceGroupName $saRG).Value[0] # Login to Azure Classic Add-AzureAccount # Select same subscription in classic mode Select-AzureSubscription -SubscriptionId $subId # Set SA Context $saContext = New-AzureStorageContext -StorageAccountName $saName -StorageAccountKey $saKey # Get Gateway ID $gateways = Get-AzureVirtualNetworkGateway $gatewayId = (($gateways | ? GatewayName -eq $gateway).GatewayId)[-1] # Start Diagnostics capture $duration = 60 $saContainer = "vpndiag" Start-AzureVirtualNetworkGatewayDiagnostics -GatewayId $gatewayId -CaptureDurationInSeconds $duration -StorageContext $saContext -ContainerName $saContainer # Wait for Diagnostics capture to finish Sleep -Seconds $duration # Download Diagnostics log $diagUrl = (Get-AzureVirtualNetworkGatewayDiagnostics -GatewayId $gatewayId).DiagnosticsUrl $content = (Invoke-WebRequest -Uri $diagUrl).RawContent $content | Out-File -FilePath vpnlogs.txt
The logs will be placed in the file vpnlogs.txt under the current folder.