Azure DDOS logs

Ravichandran, Gopi Krishna 161 Reputation points
2022-06-26T18:18:41.42+00:00

Hi,

I have been trying to test Azure DDoS attack using different open source tools. I was able to simulate some flooding requests to web server using those tools. But, unfortunately I could not see the Azure DDoS logs in Log analytics workspace by running this query "AzureDiagnostics | where Category == "DDoSMitigationFlowLogs" or Category == "DDoSMitigationReports".

How do I diagnose or debug whether azure monitor has able to generate resource logs (Ex. from Public IP resources) which is protected under Azure DDoS Protection and sending logs to Azure Log analytics.

I am new to this DDoS thingy and would appreciate, if you can help to move further on this testing.

Azure DDos Protection
Azure DDos Protection
An Azure service that provides defense against distributed denial-of-service (DDoS) attacks.
63 questions
0 comments No comments
{count} votes

Accepted answer
  1. Luis Rodriguez 6,176 Reputation points Microsoft Employee
    2022-06-26T22:50:45.993+00:00

    Hello @Ravichandran, Gopi Krishna

    Welcome to Microsoft Q&A Platform,

    First please make sure that DDoS logs are properly configured:

    https://learn.microsoft.com/en-us/azure/ddos-protection/diagnostic-logging?tabs=DDoSProtectionNotifications

    You may want to run a new simulation using the official partners for this purpose, just to be sure that you are generating traffic enough to trigger the DDoS mitigation:

    https://learn.microsoft.com/en-us/azure/ddos-protection/test-through-simulations

    I hope this helps!

    ----------

    Please don’t forget to "Accept the answer" and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments No comments

0 additional answers

Sort by: Most helpful