Azure Firewall IDPS Monitoring

Occasional Visitor

Hi all,


Recently we have upgraded Azure Firewall from standard to premium, while executing the IDPS Logs getting below error.


Firewall Logs - IDPS event logs getting below error.

Query :
// IDPS event logs
// IDPS events. These logs are only available when IDPS is enabled.

Error :

operator: Failed to resolve table or column or scalar expression named 'AZFWIdpsSignature'
If issue persists, please open a support ticket. Request id: 9a77fbe8-3c0e-4660-ab98-205bda874bea


NB ! We have also raised case with Microsoft as well.

1 Reply


Have you looked in the Azure Diagnostics table - that the normal place for the IDPS logs?  e.g.


| where ResourceType == "AZUREFIREWALLS"
| where OperationName == "AzureFirewallIDSLog"