Apr 06 2023 01:43 AM
Hi Team,
i need some help on Kusto Query for troubleshooting the Network Security Group connectivity between source IP and Destination IP,
can someone please help in Kusto Query to check the NSG logs for source and destination to check connectivity is allowed between source and destination.
I'm very new to Kusto Query so posted here, appreciate for help
Source Ip : 10.226.16.165
destination : 159.123.12.3
Apr 10 2023 04:57 AM - edited Apr 10 2023 04:58 AM
AzureDiagnostics
| where Category == "NetworkSecurityGroupEvent"
| where msg_s contains "Allowed"
| where msg_s contains "Succeeded"
| where msg_s contains "type=FlowLog"
| where msg_s contains "<source-IP>"
| where msg_s contains "<destination-IP>"
| project TimeGenerated, msg_s
In this query, replace <source-IP> and <destination-IP> with the actual IP addresses of the source and destination that you want to check. The query will filter the logs to only show events where traffic was allowed and succeeded, and where the source and destination IP addresses match the ones you specified. The "project" operator is used to display the TimeGenerated and "msg_s" fields in the query result. You can modify the query to include additional fields or filters as needed.
Please "Accept as Answer" if it helped so it can help others in community looking for help on similar topics.
Apr 10 2023 06:35 AM