Azure网络安全组缺少审核日志
[英]Azure Network Security Group missing audit logs
问题描述
In Log analytics for network security groups , Microsoft describes how to enable "Counter logs" that keep track of how many times the security rules for NSGs are invoked. 
在“网络安全组的日志分析”中 ,Microsoft描述了如何启用“计数器日志”,该日志可跟踪调用NSG的安全规则的次数。
I've followed the instructions in the article, enabling the NetworkSecurityGroupRuleCounter for my NSG, but I don't get any events. 我已经按照文章中的说明进行操作,为我的NSG启用了NetworkSecurityGroupRuleCounter ,但是没有任何事件。 I am sure that my Inbound and Outbound rules are being invoked; 我确定我的入站和出站规则正在被调用; I can successfully use them to block incoming and outgoing traffic for VMs in the group. 我可以成功地使用它们来阻止组中VM的传入和传出流量。
As you can see, the setting is enabled as shown in the article. 如您所见,该设置已启用,如文章中所示。 Is there something else that's needed to make the Counter logs show up? 要显示计数器日志还需要其他方法吗?
2 个解决方案
解决方案1
0 已采纳 2015-12-04 03:24:06
This turned out to be a software fault and not a configuration issue. 原来这是软件故障,而不是配置问题。 I finally got an engineer at Microsoft to look at this problem. 我终于找到了Microsoft的工程师来研究这个问题。 They restarted an agent on a host machine, which fixed the issue. 他们在主机上重新启动了代理,从而解决了该问题。
解决方案2
-1 2015-11-11 12:45:39
Have you tried choosing a different storage account to see if the logs are recorded? 您是否尝试过选择其他存储帐户以查看日志是否已记录?
How exactly are you analyzing the logs? 您如何精确分析日志?
Is the Storage account created in Azure Resource Manager? 是否在Azure资源管理器中创建了存储帐户?
Check and make sure that the Storage account that you have chosen for the logs is created in Azure Resource manager. 检查并确保在Azure资源管理器中创建了为日志选择的存储帐户。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.