question

AwasthiShubham-3570 avatar image
0 Votes"
AwasthiShubham-3570 asked suvasara-MSFT commented

Azure Firewall integration with Splunk Cloud

I have to ingest Azure Firewall logs to Splunk Cloud. I am exploring ways to do it. If there is a step by step guide, please let me know.

azure-firewall
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

suvasara-MSFT avatar image
0 Votes"
suvasara-MSFT answered

@AwasthiShubham-3570, Looks like splunking Azure Firewall logs is not yet supported in Microsoft Azure supported Splunk addons. I did this lab in my local environment by installing Splunk Add-on for Microsoft Cloud Services and Microsoft Azure App for Splunk addons in my enterprise base. But, not able to generate any relative flows on the dashboard.


Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AwasthiShubham-3570 avatar image
0 Votes"
AwasthiShubham-3570 answered suvasara-MSFT commented

That's sad. I was thinking if we can do that via rsyslog and then parsing the raw logs? A bit too much but worth a shot?

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@AwasthiShubham-3570 ,
Greetings,

If you think your question has been answered, click "Mark as Answer" if just helped click "Vote as helpful". This can be beneficial to other community members reading this forum thread.


Best regards
Subhash

0 Votes 0 ·