![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 11%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,606 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 43%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Hi Amit,
To forward Azure Firewall logs to a Syslog server , based on MS documentation is required:
- Configure a Linux VM: The log forwarder.
- Install a Syslog daemon and the Log Analytics agent on the VM
- Create a data collection rule in Azure Monitor Agent: To specify what data to collect and where to send it
- Configure the Syslog daemon and the Log Analytics agent to receive the log and sent to Syslog server.
Some examples;
- https://learn.microsoft.com/en-us/azure/sentinel/connect-log-forwarder?tabs=rsyslog
- https://learn.microsoft.com/en-us/azure/azure-monitor/agents/data-sources-syslog
Let me know if this help you, if you need deeper information also let me know to create my own lab and help you. (Very interesting topic)
Luis