Azure Firewall Logs Kusto Query

Question

Dear Member,&nbsp;In Azure firewall i have configured the rule block, now i want to check the traffic it is supposed to deny and does it still allow the other traffic. can someone please help with the Kusto Query on this if the rule block is allowing traffic or deny .&nbsp;appreciate for help in this&nbsp;&nbsp;

clive_watson · Answer

venu15&nbsp;Take a look at the "Azure Firewall" Workbook template in Sentinel, it has many KQL examples - you dont need Sentinel to install it. Rule log statistics Tab:&nbsp;https://github.com/Azure/Azure-Sentinel/blob/master/Workbooks/AzureFirewall.json

Forum Discussion

Azure Firewall Logs Kusto Query

Share

Resources