Log Analytics tables for microsoft.network/azurefirewalls

Contains all Application rule log data. Each match between data plane and Application rule creates a log entry with the data plane packet and the matched rule's attributes.

Contains aggregated Application rule log data for Policy Analytics.

Contains all DNS Proxy events log data.

This query returns the top flows across Azure Firewall instances. Log contains flow information, date transmission rate (in Megabits per second units) and the time period when the flows were recorded. Please follow the documentation to enable Top flow logging and details on how it is recorded.

Flow logs across Azure Firewall instances. Log contains flow information, flags and the time period when the flows were recorded. Please follow the documentation to enable flow trace logging and details on how it is recorded.

Contains all data plane packets that were matched with one or more IDPS signatures.

Contains all internal Firewall FQDN resolution requests that resulted in failure.

Contains all DNAT (Destination Network Address Translation) events log data. Each match between data plane and DNAT rule creates a log entry with the data plane packet and the matched rule's attributes.

Contains aggregated NAT Rule log data for Policy Analytics.

Contains all Network Rule log data. Each match between data plane and network rule creates a log entry with the data plane packet and the matched rule's attributes.

Contains aggregated Network rule log data for Policy Analytics.

Contains all Threat Intelligence events.

Entries from the Azure Activity log that provides insight into any subscription-level or management group level events that have occurred in Azure.

Metric data emitted by Azure services that measure their health and performance.