question

AwasthiShubham-3570 avatar image
0 Votes"
AwasthiShubham-3570 asked suvasara-MSFT commented

Azure Firewall logs to Splunk Cloud

Hi,

I have a Splunk Cloud instance and have installed https://splunkbase.splunk.com/app/3757/#/details

Can anyone suggest how can I ingest Azure Firewall Logs to my Splunk Instance?

azure-firewall
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

suvasara-MSFT avatar image
0 Votes"
suvasara-MSFT answered suvasara-MSFT commented

@AwasthiShubham-3570, Looks like I have responded to your thread earlier. AFAIK, Splunk should have a similar addon like NSG flow logging for AZF. Having said that, it's still looking possible when crossed this addon named "Azure Log Analytics Kusto Grabber". I would recommend you test this addon in your case. AZ Firewall logs needs Log analytics integration and from there you should be able to grab those reports using kusto's and land them on custom Splunk dashboard.


Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.


· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@AwasthiShubham-3570 ,
Greetings,

If you think your question has been answered, click "Mark as Answer" if just helped click "Vote as helpful". This can be beneficial to other community members reading this forum thread.


Best regards
Subhash

0 Votes 0 ·