Forum Discussion
venu15
Apr 06, 2023Copper Contributor
Kusto Query for Network Security Group
Hi Team, i need some help on Kusto Query for troubleshooting the Network Security Group connectivity between source IP and Destination IP, can someone please help in Kusto Query to check the ...
SuryaJ
Microsoft
Apr 11, 2023venu15 Taking the reference of logs format from here - https://learn.microsoft.com/en-us/azure/network-watcher/network-watcher-nsg-flow-logging-overview#log-format
There are 3 parameters in the logs that can help us check if the traffic was allowed or denied
So, KQL query for this check will be like below:
nsgLogs
// | where sourceIP== '10.226.16.165' and destinationIP== '159.123.12.3' // If you need IP filter
| extend trafficDecision = iif(TrafficDecision == 'A', 'Allowed', 'Denied')
| project sourceIP, destinationIP, trafficDecision