Azure Firewall Log Forwarding Issue

Amit 0 Reputation points
2023-11-22T13:02:08.14+00:00

Hey Team Azure,

I want to ask you a question regarding Azure Firewall. I want to analyse Azure Firewall logs in real time, so I want Azure Firewall to forward logs to a Syslog server where I can receive the logs and perform my analysis.

Please let me know how I can do this task and what tools I need for this.

Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.

1 answer

  1. Luis Arias 5,981 Reputation points
    2023-11-22T13:42:38.4866667+00:00

    Hi Amit,

    To forward Azure Firewall logs to a Syslog server, based on the MS documentation, the following is required:

    • Configure a Linux VM: The log forwarder.
    • Install a Syslog daemon and the Log Analytics agent on the VM
    • Create a data collection rule in Azure Monitor Agent: To specify what data to collect and where to send it
    • Configure the Syslog daemon and the Log Analytics agent to receive the logs and send them to the Syslog server.

    Some examples;

    Let me know if this helps you. If you need deeper information, also let me know so I can create my own lab and help you. (Very interesting topic)

    Luis
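
As an added example (not part of the answer above and not Microsoft's code), this is one way the forwarder VM could turn a firewall log record into an RFC 5424 syslog line and relay it to the Syslog server over TCP. The record's field names, the `azfw` app name, the `local4` facility and the `fw-forwarder` hostname are assumptions, and the sample record is constructed.

```python
import json
import socket
from datetime import datetime, timezone

FACILITY_LOCAL4 = 20                 # assumption: facility used for firewall traffic
SEVERITY = {"Deny": 4, "Allow": 6}   # warning / informational

# Constructed sample record; the field names are an assumption modelled on
# Azure diagnostic-log JSON and do not come from the thread.
SAMPLE_RECORD = json.dumps({
    "time": "2023-11-22T13:02:08.1400000Z",
    "category": "AzureFirewallNetworkRule",
    "properties": {"msg": "TCP request from 10.0.0.4:50123 to 203.0.113.10:443. Action: Deny"},
})

def sd_escape(value):
    """Escape the three characters RFC 5424 forbids inside a PARAM-VALUE."""
    return value.replace("\\", "\\\\").replace('"', '\\"').replace("]", "\\]")

def to_rfc5424(raw, hostname="fw-forwarder"):
    """Build one RFC 5424 line from one JSON log record."""
    rec = json.loads(raw)
    msg = rec.get("properties", {}).get("msg", "")
    action = msg.rsplit("Action: ", 1)[-1].strip(". ") if "Action: " in msg else ""
    pri = FACILITY_LOCAL4 * 8 + SEVERITY.get(action, 5)  # 5 = notice when unknown
    # RFC 5424 allows at most 6 fractional-second digits; the sample has 7.
    try:
        head, _, frac = rec.get("time", "").rstrip("Z").partition(".")
        stamp = datetime.fromisoformat(head).replace(tzinfo=timezone.utc)
        ts = stamp.strftime("%Y-%m-%dT%H:%M:%S") + "." + (frac + "000000")[:6] + "Z"
    except ValueError:
        ts = "-"  # NILVALUE when the record carries no usable time
    sd = '[azfw@32473 category="%s" action="%s"]' % (
        sd_escape(rec.get("category", "")), sd_escape(action))
    # Strip CR/LF so one record can never become two syslog lines downstream.
    msg = msg.replace("\r", " ").replace("\n", " ")
    return "<%d>1 %s %s azfw - - %s %s" % (pri, ts, hostname, sd, msg)

def send_tcp(lines, host, port=514):
    """Relay lines over plain TCP using octet-counting framing (RFC 6587)."""
    with socket.create_connection((host, port), timeout=5) as sock:
        for line in lines:
            data = line.encode("utf-8")
            sock.sendall(str(len(data)).encode() + b" " + data)
```

Plain TCP on port 514 is unencrypted; if the Syslog server is reached across an untrusted network, wrap the connection in TLS or keep the relay on a private link.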