Hi @Yui Shimizu ,
Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I understand you would like to understand more about the metric "Firewall Health State".
Please note the Firewall health indicates the SNAT port Availability of the Firewall.
Refer: https://learn.microsoft.com/en-us/azure/firewall/logs-and-metrics under the Metrics section.
To create an alert based on a metric,
you can refer to: https://learn.microsoft.com/en-US/Azure/azure-monitor/alerts/tutorial-metric-alert
For Azure Firewall,
- Go to the metrics page under Azure Firewall
- Select the Firewall Health State Metric and click on "New Alert Rule".
- Configure the Alert Logic, granularity, and frequency of check per your requirement.
- Specify how you would like to be notified about the alert in the Actions: https://learn.microsoft.com/en-US/Azure/azure-monitor/alerts/action-groups
- Configure other details such as Rule Name, Description and Severity from the Details Page
- Review and Create the Alert.
With respect to bringing down the status < 100%:
- The only way to bring the status below 100% is to have a large number of connections passing through the Firewall.
- This should cause SNAT port exhaustion.
- You must have a heavy load on your environment making outbound connections using SNAT to simulate this.
P.S.: Azure Firewall also supports configuring multiple public IP addresses to prevent SNAT exhaustion:
https://learn.microsoft.com/en-us/azure/firewall/deploy-multi-public-ip-powershell
I hope this helps.
Thanks,
Kapil.
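
The portal steps in the answer above can also be scripted with the Azure CLI. This is an added example, not part of the original answer; the rule name, 5-minute window, 1-minute frequency and severity are example values, and the resource group, firewall resource ID and action group ID are supplied by the caller.

```shell
#!/bin/sh
# Added example: metric alert on the Azure Firewall "Firewall health state"
# metric (metric name FirewallHealth, a percentage) using the Azure CLI.
# Rule name, window, frequency and severity below are example values.

# create_fw_health_alert <resource-group> <firewall-resource-id> <action-group-id>
# Set DRY_RUN=1 to print the az arguments (one per line) instead of running az.
create_fw_health_alert() {
  if [ "$#" -ne 3 ] || [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ]; then
    echo "usage: create_fw_health_alert <rg> <firewall-id> <action-group-id>" >&2
    return 2
  fi

  # Rebuild the positional parameters as the full az command line so that
  # values containing spaces stay intact as single arguments.
  set -- az monitor metrics alert create \
    --name "fw-health-below-100" \
    --resource-group "$1" \
    --scopes "$2" \
    --condition "avg FirewallHealth < 100" \
    --window-size 5m \
    --evaluation-frequency 1m \
    --severity 2 \
    --action "$3" \
    --description "Azure Firewall health state dropped below 100%"

  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf '%s\n' "$@"
  else
    "$@"
  fi
}
```

Run it once with `DRY_RUN=1` to review the arguments before creating the rule in a subscription.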