Queries for the AZFWApplicationRule table

For information on using these queries in the Azure portal, see Log Analytics tutorial. For the REST API, see Query.

Application rule logs

Connections that matched Application rules. HTTP, HTTPS and MSSQL are supported. Both connection and rule metadata is displayed.

AZFWApplicationRule
| take 100

All firewall decisions

All decision taken by firewall. Contains hits on network, application and NAT rules, as well as threat intelligence hits and IDPS signature hits.

AZFWNetworkRule
| union AZFWApplicationRule, AZFWNatRule, AZFWThreatIntel, AZFWIdpsSignature
| take 100