AZFWNetworkRule

Contains all Network Rule log data. Each match between data plane and network rule creates a log entry with the data plane packet and the matched rule's attributes.

Categories

  • Security

Solutions

  • LogManagement

Resource types

  • Firewalls

Columns

Column Type Description
Action string Action taken by the firewall following the match with this Network Rule. For example: Firewall may Allow/Deny this specific packet.
ActionReason string When no rule is triggered for a packet, this field contains the reason for the action performed by the firewall. For example: a packet dropped because no rule matched will show Default Action.
_BilledSize real
DestinationIp string Packet's destination IP address.
DestinationPort int Packet's destination port.
_IsBillable string
Policy string Name of the policy in which the triggered rule resides.
Protocol string Packet's network protocol. For example: UDP, TCP.
_ResourceId string A unique identifier for the resource that the record is associated with
Rule string Name of the triggered rule.
RuleCollection string Name of the rule collection in which the triggered rule resides.
RuleCollectionGroup string Name of the rule collection group in which the triggered rule resides.
SourceIp string Packet's source IP address.
SourcePort int Packet's source port.
SourceSystem string
_SubscriptionId string A unique identifier for the subscription that the record is associated with
TenantId string
TimeGenerated datetime Timestamp (UTC) when the data plane log was created.
Type string The name of the table