-1

I check the network traffic in Azure firewall log analytics. I can see the different source IP addresses and port also has target IP address and port. But I can't see the internal network traffic in the same virtual network. For example, use jump box VM ssh to workload VM. Suppose I can see the jump box and workload network traffic. But I can't see that happen on my firewall log analytics. I want to know how to show all network traffic include the internal network. Thanks.

I follow this Azure Firewall log analytics samples and network rule log data query: https://learn.microsoft.com/en-us/azure/firewall/log-analytics-samples

chris1126
  • 27
  • 1
  • 3
  • 9

1 Answers1

0

The Azure virtual network usually is secured with the security group. To view network traffic in a virtual network, you could check the NSG flow logs.

The NSG flow logs allow you to view information about ingress and egress IP traffic through a network security group. You can analyze flow logs and gain insights into your network traffic using traffic analytics.

Nancy
  • 26,865
  • 3
  • 18
  • 34