Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Reference for AWSNetworkFirewallTls table in Azure Monitor Logs.
| Attribute | Value |
|---|---|
| Category | AWS |
| Basic Logs Eligible | ✓ Yes (source) |
| Supports Transformations | ✓ Yes (source) |
| Ingestion API Supported | ✓ Yes |
| Azure Monitor Tables Reference | View Documentation |
| Azure Monitor Logs Ingestion API | View Documentation |
Source: Azure Monitor documentation
| Column Name | Type | Description |
|---|---|---|
| _BilledSize | real | The record size in bytes |
| _IsBillable | string | Specifies whether ingesting the data is billable. When _IsBillable isfalseingestion isn't billed to your Azure account |
| Action | string | The action taken by the firewall (e.g., allowed, dropped, inspected). |
| AvailabilityZone | string | The AWS Availability Zone where the firewall instance is located. |
| DestIp | string | The destination IP address of the packet. |
| DestPort | string | The destination port to which the packet was sent. |
| ErrorMessage | string | Any error message associated with the event, if applicable. |
| EventTimestamp | datetime | The epoch timestamp of when the event occurred. |
| FirewallName | string | The name of the AWS Network Firewall instance generating the log. |
| LeafCertificateFingerprint | string | The SHA-256 fingerprint of the leaf certificate observed in the TLS handshake. |
| Sni | string | The Server Name Indication (SNI) from TLS traffic. |
| SourceSystem | string | The type of agent the event was collected by. For example,OpsManagerfor Windows agent, either direct connect or Operations Manager,Linuxfor all Linux agents, orAzurefor Azure Diagnostics |
| SrcIp | string | The source IP address of the packet that triggered the event. |
| SrcPort | string | The source port from which the packet originated. |
| Status | string | The status of the TLS inspection event (e.g., success, failure). |
| TenantId | string | The Log Analytics workspace ID |
| TimeGenerated | datetime | The timestamp when the log entry was created in AWS Network Firewall. |
| Type | string | The name of the table |
This table is used by the following solutions:
This table is ingested by the following connectors:
| Connector | Selection Criteria |
|---|---|
| Amazon Web Services NetworkFirewall (via Codeless Connector Framework) |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊