Forum Discussion

jameswonderguy's avatar
jameswonderguy
Copper Contributor
Mar 22, 2023

Azure Firewall Premium Logging

Hi,

 

The Azure Firewall (Premium) has been configured to perform TLS inspection of application rules. The user PC's web browser shows Azure Firewall Manager CA as the common name of the certificate issuer for all websites, which is good. However, this does not reflect in the Azure firewall application logs.

 

1. Can this requirement be achieved?

2. Where does IPS related logs feature?

 

Thanks

James

  • shankerhari's avatar
    shankerhari
    Copper Contributor
    Hi James

    Yes, this requirement can be achieved. you need to enable the Firewall Policy diagnostic settings for the Azure Firewall. This will allow you to view the application logs which will contain details about the TLS inspection performed by the firewall.

    IPS (Intrusion Prevention System) related logs are part of the Azure Firewall diagnostic logs. You can enable diagnostic logs for Azure Firewall and then use the Azure Monitor service to analyze and view the logs.

    Best Regards
    Hari

Resources