![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 71%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
1,296 questions
Hi,
If you talking about the Log Analytics agent that is used by Azure Sentinel the firewall requirements are here. It is DNS records, not IPs as IPs change over time. For Azure VM it is better to use service tags. There is service tag for Azure Monitor. Read the documentation for it. Log Analytics is part of Azure Monitor and Azure Sentinel uses Log Analytics as platform for logs.
For qualys extension there is no Service Tag. The communication of the extension is available here. You will need to open to specific DNS records https://qagpublic.qg3.apps.qualys.com - Qualys' US data center, https://qagpublic.qg2.apps.qualys.eu - Qualys' European data center rather IPs. Both for port 443.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
