You must identify the correct storage account for flow logging of IP traffic from VM5 that satisfies the retention requirement of eight months.
Step 1 — Review the Requirements
Flow logs are stored in a StorageV2 (general purpose v2) account.
The selected storage account must support Network Watcher flow logs.
Data must be retained for eight months (≈ 240 days).
Step 2 — Evaluate Each Storage Account
Storage Account
Kind
Region
Remarks
storage1
Storage (general purpose v1)
West US
Does not support flow logs (deprecated type).
storage2
StorageV2 (general purpose v2)
East US
Fully supports flow logs and lifecycle management.
storage3
BlobStorage
East US 2
Not suitable — supports blobs only, not log structure or lifecycle retention.
storage4
FileStorage
Central US
File-only — cannot store flow logs.
Step 3 — Compliance with Flow Log Retention
Flow logs for Network Watcher NSG flow logging are supported only by StorageV2 accounts. You can use Azure Storage lifecycle management to automatically delete logs after a set period — such as 240 days (8 months) — to comply with retention requirements.
Official Microsoft Note:
“Network security group (NSG) flow logs are stored in Azure StorageV2 (General Purpose v2) accounts, which support lifecycle management for log retention.” — Azure Network Watcher documentation.
Conclusion
storage2 is the only StorageV2 account.
It’s located in East US, matching VM5’s region (East US) — this satisfies performance and compliance requirements.
