Hello @RTK ,
You can find the query packs in Azure Monitor for any Azure resource/service which allows logging. So Azure Firewall log query pack can be found as below:
The overall Azure Firewall log query would be as below:
AzureDiagnostics
| where Category == "AzureFirewallNetworkRule" or Category == "AzureFirewallApplicationRule"
If you have more than one Azure Firewall in your subscription, do specify the Firewall name:
AzureDiagnostics
| where Category == "AzureFirewallNetworkRule" and Resource == "FirewallName"
Or you can modify the query pack as per your requirement to get specific logs.
Else, we have "Azure firewall workbook" which can gain insights into Azure Firewall events, learn about your application and network rules, and see statistics for firewall activities across URLs, ports, and addresses. Azure Firewall Workbook allows you to filter your firewalls and resource groups, and dynamically filter per category with easy to read data sets when investigating an issue in your logs.
Kindly let us know if the above helps or you need further assistance on this issue.
----------------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.