Open In App
Related Articles

Microsoft Azure – Enabling Logs for Troubleshooting the Azure Firewall Rules

Improve Article
Save Article
Like Article

Azure Firewall Diagnostic settings are used to configure logs and metrics for a resource to the destination of Log Analytics Workspace.


  • Azure Firewall Resource
  • Log Analytics Workspace which is configured for monitoring your Azure resources.


Step 1: Login to Azure Portal

Step 2: Search for Firewalls from azure global search and select Firewall

Step 3: Select your Firewall resource from Azure Firewall resources

Step 4: Navigate to Monitoring >> Access Diagnostic setting

Step 5: Now, Click on ‘Add Diagnostic setting‘ to configure the collection of the following data:

  1. AzureFirewallApplicationRule
  2. AzureFirewallNetworkRule
  3. AzureFirewallDnsProxy
  • Configure Firewall Logs:

  • Configure Firewall resource logs and metrics to the destination of Log Analytics Workspace:

  • Click on Save to update the changes.

Following are the azure KQL Query to test or to troubleshoot the firewall Logs:

| where Category == "AzureFirewallNetworkRule" 
or Category == "AzureFirewallApplicationRule"
| where OperationName == "AzureFirewallNetworkRuleLog"
or OperationName == "AzureFirewallApplicationRuleLog"


Last Updated : 31 Mar, 2023
Like Article
Save Article
Similar Reads
Related Tutorials