I have to ingest Azure Firewall logs to Splunk Cloud. I am exploring ways to do it. If there is a step-by-step guide, please let me know.
@AwasthiShubham-3570, it looks like splunking Azure Firewall logs is not yet supported in the Microsoft Azure supported Splunk add-ons. I did this lab in my local environment by installing the Splunk Add-on for Microsoft Cloud Services and Microsoft Azure App for Splunk add-ons in my enterprise base. But I was not able to generate any relative flows on the dashboard.
Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.
That's sad. I was thinking if we can do that via rsyslog and then parsing the raw logs? A bit too much but worth a shot?
@AwasthiShubham-3570 ,
Greetings,
If you think your question has been answered, click "Mark as Answer"; if it just helped, click "Vote as helpful". This can be beneficial to other community members reading this forum thread.
Best regards
Subhash