Azure Firewall integration with Splunk Cloud

Awasthi, Shubham 1 Reputation point

I have to ingest Azure Firewall logs to Splunk Cloud. I am exploring ways to do it. If there is a step by step guide, please let me know.

Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.

2 answers

  1. suvasara-MSFT 10,016 Reputation points

    @Awasthi, Shubham, it looks like splunking Azure Firewall logs is not yet supported in the Microsoft Azure supported Splunk add-ons. I did this lab in my local environment by installing the Splunk Add-on for Microsoft Cloud Services and the Microsoft Azure App for Splunk add-ons in my enterprise base, but I was not able to generate any relative flows on the dashboard.


    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.


  2. Awasthi, Shubham 1 Reputation point

    That's sad. I was thinking if we can do that via rsyslog and then parse the raw logs? A bit too much, but worth a shot?