Diagnostic log for Azure Firewall includes rule collection name and priority for each entry
The current log format for Azure Firewall is as follows. Rule Name and Priority Number are not supported by the Azure Firewall diagnostic log yet.
We would like to suggest adding these two columns to the Azure Firewall diagnostic log. I believe it will help to troubleshoot any network connectivity in an effective way for end users. Thank you!
"msg": "HTTPS request from 10.1.0.5:55640 to mydestination.com:443. Action: Allow. Rule Collection: collection1000. Rule: rule1002"
"msg": "TCP request from 18.104.22.168:12518 to 22.214.171.124:2323. Action: Deny"
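A sketch of parsing the two "msg" shapes quoted above and listing the entries that carry no rule attribution, added here as an example and not part of the original post or of Microsoft's tooling. The function names are hypothetical, and the pattern assumes only the two formats shown in the post.

```python
import re

# Pattern derived only from the two "msg" shapes quoted in the post.
MSG_RE = re.compile(
    r"^(?P<protocol>\S+) request from (?P<src>\S+) to (?P<dst>\S+?)\. "
    r"Action: (?P<action>\w+)"
    r"(?:\. Rule Collection: (?P<collection>.+?)\. Rule: (?P<rule>.+?))?\.?$"
)

# The two sample messages from the post, copied as-is.
SAMPLE_MSGS = [
    "HTTPS request from 10.1.0.5:55640 to mydestination.com:443. "
    "Action: Allow. Rule Collection: collection1000. Rule: rule1002",
    "TCP request from 18.104.22.168:12518 to 22.214.171.124:2323. Action: Deny",
]


def _endpoint(value):
    """Split 'host:port' on the last colon; port is None if it is not numeric."""
    host, _, port = value.rpartition(":")
    if not host or not port.isdigit():
        return value, None
    return host, int(port)


def parse_msg(msg):
    """Return a dict of fields from one msg string, or None if it does not match."""
    m = MSG_RE.match(msg.strip())
    if m is None:
        return None
    src_host, src_port = _endpoint(m.group("src"))
    dst_host, dst_port = _endpoint(m.group("dst"))
    return {
        "protocol": m.group("protocol"),
        "src_host": src_host, "src_port": src_port,
        "dst_host": dst_host, "dst_port": dst_port,
        "action": m.group("action"),
        # Both are None when the message names no rule, as in the Deny sample.
        "collection": m.group("collection"),
        "rule": m.group("rule"),
    }


def unattributed(msgs):
    """Parsed entries that cannot be traced back to a rule from the log alone."""
    parsed = (parse_msg(m) for m in msgs)
    return [p for p in parsed if p is not None and p["rule"] is None]


if __name__ == "__main__":
    for entry in unattributed(SAMPLE_MSGS):
        print(entry)
```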
Nazakat Hussain commented
I feel for a firewall this is a really important feature. The firewall product from MS is quite good and is in a good position to compete with more known firewall vendors. This feature is assumed as a default with firewalls; was surprised to find out that it wasn't included by default.
Alan Isherwood commented
Having implemented this Azure firewall in our test environment, this is one of the missing features that has put our production implementation in doubt.