Difference between revisions of "Kusto queries FW"

From UVOO Tech Wiki
(Created page with "``` AzureDiagnostics | where msg_s contains "10.x.x.x" | project msg_s ``` ``` AzureDiagnostics | where ResourceType == "AZUREFIREWALLS" and action_s == "Deny" and src_ip_s =...")
 
Line 1: Line 1:
 +
```
 +
AzureDiagnostics
 +
| where Category == "AzureFirewallNetworkRule"
 +
| where OperationName == "AzureFirewallNetworkRuleLog"
 +
| where msg_s contains "TCP"
 +
| where msg_s contains "10.x.x.x" and msg_s contains "Deny"
 +
| project msg_s
 +
```
 +
 
```
 
```
 
AzureDiagnostics
 
AzureDiagnostics
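
Review bot: The added line `| where msg_s contains "10.x.x.x" and msg_s contains "Deny"` matches by substring, so once the placeholder is replaced with a real address (for example 10.1.2.3) it also returns rows for 10.1.2.30 or 110.1.2.3, and it cannot distinguish the address as source from the address as destination. A term-based match such as `has_ipv4(msg_s, "...")`, or parsing msg_s into source, destination and action columns before filtering, would avoid the false matches. The same applies to `contains "TCP"` and `contains "Deny"`, which match those strings anywhere in the message rather than as the protocol and the action. The query also sets no TimeGenerated bound, so the range it scans depends on whatever time window the query editor happens to have selected; an explicit `| where TimeGenerated > ago(...)` as the first filter would make the result reproducible.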

Revision as of 19:59, 3 May 2024

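```
// Denied TCP entries in the Azure Firewall network rule log that mention 10.x.x.x
AzureDiagnostics
| where Category == "AzureFirewallNetworkRule"
| where OperationName == "AzureFirewallNetworkRuleLog"
| where msg_s contains "TCP"
| where msg_s contains "10.x.x.x" and msg_s contains "Deny"
| project msg_s
```

```
// Any AzureDiagnostics row whose msg_s mentions 10.x.x.x
AzureDiagnostics
| where msg_s contains "10.x.x.x"
| project msg_s
```

```
// Azure Firewall deny entries for one source/destination pair
// (replace the "source_ip" and "destination_ip" placeholders)
AzureDiagnostics
| where ResourceType == "AZUREFIREWALLS" and action_s == "Deny" and src_ip_s == "source_ip" and dest_ip_s == "destination_ip"
```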