Azure Firewall Premium Logging

Hi,

 

The Azure Firewall (Premium) has been configured to perform TLS inspection of application rules. The user PC's web browser shows Azure Firewall Manager CA as the common name of the certificate issuer for all websites, which is good. However, this is not reflected in the Azure Firewall application logs.

 

1. Can this requirement be achieved?

2. Where do IPS-related logs feature?

 

Thanks

James

2 Replies

@jameswonderguy 

Have you had a chance to read this in detail:

 

Azure Firewall Premium features | Microsoft Learn

Hi James

Yes, this requirement can be achieved. You need to enable the Firewall Policy diagnostic settings for the Azure Firewall. This will allow you to view the application logs, which will contain details about the TLS inspection performed by the firewall.

IPS (Intrusion Prevention System) related logs are part of the Azure Firewall diagnostic logs. You can enable diagnostic logs for Azure Firewall and then use the Azure Monitor service to analyze and view the logs.

Best Regards
Hari
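
The two lookups discussed in this thread, as an added example that is not part of the original posts: Log Analytics queries that show whether application rule hits were TLS-inspected and where IDPS signature matches land. It assumes the firewall's diagnostic setting sends the `AZFWApplicationRule` and `AZFWIdpsSignature` categories to a Log Analytics workspace using resource-specific destination tables; the 24-hour window is an arbitrary choice.

```kusto
// Added example. Assumes resource-specific (structured) Azure Firewall logs
// are enabled in the diagnostic setting and sent to this workspace.

// 1. Application rule hits, split by whether TLS inspection was applied.
//    Rows with IsTlsInspected == false were matched without inspection,
//    so only the FQDN (not the full URL) was visible to the firewall.
AZFWApplicationRule
| where TimeGenerated > ago(24h)
| summarize Requests = count(), Clients = dcount(SourceIp)
    by IsTlsInspected, Action, Fqdn, RuleCollection, Rule
| order by Requests desc

// 2. IDPS signature matches in the same window, grouped per signature.
//    Run this as a separate query (queries are separated by a blank line).
AZFWIdpsSignature
| where TimeGenerated > ago(24h)
| summarize Hits = count(),
            FirstSeen = min(TimeGenerated),
            LastSeen = max(TimeGenerated),
            Sources = dcount(SourceIp)
    by SignatureId, Severity, Category, Description, Action
| order by Hits desc
```

If either table is missing or empty, check that the corresponding log category is selected in the diagnostic setting and that the destination table mode is resource-specific rather than `AzureDiagnostics`.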