Forum Discussion
Kusto Query for Network Security Group
Hi Team,
i need some help on Kusto Query for troubleshooting the Network Security Group connectivity between source IP and Destination IP,
can someone please help in Kusto Query to check the NSG logs for source and destination to check connectivity is allowed between source and destination.
I'm very new to Kusto Query so posted here, appreciate for help
Source Ip : 10.226.16.165
destination : 159.123.12.3
1 Reply
- SuryaJ
Microsoft
venu15 Taking the reference of logs format from here - https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-overview#log-format
There are 3 parameters in the logs that can help us check if the traffic was allowed or denied
So, KQL query for this check will be like below:
nsgLogs
// | where sourceIP== '10.226.16.165' and destinationIP== '159.123.12.3' // If you need IP filter
| extend trafficDecision = iif(TrafficDecision == 'A', 'Allowed', 'Denied')
| project sourceIP, destinationIP, trafficDecision
