Azure firewall log analytics. How to find Internal network traffic use network rule
Question
I check the network traffic in Azure firewall log analytics. I can see the different source IP addresses and port also has target IP address and port. But I can't see the internal network traffic in the same virtual network. For example, use jump box VM ssh to workload VM. Suppose I can see the jump box and workload network traffic. But I can't see that happen on my firewall log analytics. I want to know how to show all network traffic include the internal network. Thanks.
I follow this Azure Firewall log analytics samples and network rule log data query: https://docs.microsoft.com/en-us/azure/firewall/log-analytics-samples
1 answers
solution1
0 ACCPTED 2019-12-05 02:40:08
The Azure virtual network usually is secured with the security group . To view network traffic in a virtual network, you could check the NSG flow logs .
The NSG flow logs allow you to view information about ingress and egress IP traffic through a network security group. You can analyze flow logs and gain insights into your network traffic using traffic analytics .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.