Azure Firewall
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Connector ID | AzureFirewall |
| Publisher | Microsoft |
| Used in Solutions | Azure Firewall |
| Collection Method | Azure Diagnostics |
| Connector Definition Files | AzureFirewall.JSON |
| Custom Log V1 Tables | Yes 🔶 — ingests into tables with type-suffixed columns |
Connect to Azure Firewall. Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. For more information, see the Microsoft Sentinel documentation.
Tables Ingested
This connector ingests data into the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
AZFWApplicationRule |
✓ | ✗ | ? | |
AZFWDnsQuery |
✓ | ✗ | ? | |
AZFWFatFlow |
✓ | ✗ | ? | |
AZFWFlowTrace |
✓ | ✗ | ? | |
AZFWIdpsSignature |
✓ | ✗ | ? | |
AZFWInternalFqdnResolutionFailure |
✓ | ✗ | ? | |
AZFWNatRule |
✓ | ✗ | ? | |
AZFWNetworkRule |
✓ | ✗ | ? | |
AZFWThreatIntel |
✓ | ✗ | ? | |
AzureDiagnostics 🔶 |
ResourceType == "AZUREFIREWALLS" |
? | ✗ | ? |
Permissions
Resource Provider Permissions: - Workspace (Workspace): read and write permissions.
Setup Instructions
⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.
1. Connect Azure Firewall to Microsoft Sentinel
Enable Diagnostic Logs on All Firewalls. - Configure Azure Firewall
Inside your Firewall resource:
- Select Diagnostic logs.
- Select + Add diagnostic setting.
- In the Diagnostic setting blade:
- Type a Name.
- Select Send to Log Analytics.
- Choose the log destination workspace.
- Select the categories that you want to analyze ( Azure Firewall Network Rule, Azure Firewall Application Rule,Azure Firewall Nat Rule,Azure Firewall Threat Intelligence,Azure Firewall IDPS Signature,Azure Firewall DNS query,Azure Firewall FQDN Resolution Failure,Azure Firewall Fat Flow Log,Azure Firewall Flow Trace Log)
- Click Save.
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊