Hello Luke, welcome to MS Q&A.
Azure Firewall with FQDN restrictions in a "monitor-only" mode. However, Azure Firewall does support logging and monitoring capabilities that can help you analyze traffic and determine which FQDNs should be allowlisted.
You can enable diagnostic logging for Azure Firewall to capture detailed information about the traffic passing through it. This includes information about allowed and denied traffic, which can be useful for monitoring purposes. By analyzing these logs, you can identify the FQDNs that need to be allowlisted.
To set up logging:
- Enable Diagnostic Settings: In the Azure portal, navigate to your Azure Firewall resource and select Diagnostic settings. Here, you can configure the logs to be sent to Azure Monitor logs, Event Hubs, or a Storage Account.
- Analyze Logs: Use Azure Monitor or any other log analysis tool to review the logs and determine which FQDNs are being accessed. This will help you decide which FQDNs should be allowlisted.
Please check the image below.
Kindly accept the answer if it helps.
Please let us know if you have any further questions.
For more detailed guidance, you may want to refer to the Azure documentation on Azure Firewall logging and monitoring.
Thanks
Deepanshu
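As an added illustration of the "Analyze Logs" step above (this is example code, not part of the answer or of any Microsoft tooling), the script below parses the `msg_s` text that the legacy `AzureFirewallApplicationRule` diagnostic category writes for each application-rule decision, aggregates hits per FQDN by action, and lists the denied FQDNs that recur often enough to be worth reviewing for an allow rule. The message format in `MSG_RE` and the sample log lines are assumptions constructed for the example; check the regex against your own exported records before relying on it. If you use the resource-specific `AZFWApplicationRule` table instead, the same aggregation can be done directly on its `Fqdn` and `Action` columns in a Kusto query.

```python
import re

# Assumed format of msg_s in legacy AzureFirewallApplicationRule records
# (verify against real exported logs; rule names may differ in shape).
MSG_RE = re.compile(
    r"^(?P<proto>HTTPS?|MSSQL) request from (?P<src>[\d.]+):\d+ to "
    r"(?P<fqdn>[^:\s]+):(?P<port>\d+)\. Action: (?P<action>Allow|Deny)\."
    r"(?: Rule Collection: (?P<collection>[^.]+)\. Rule: (?P<rule>[^.]+))?"
)

# Constructed sample records (not captured from a real firewall).
SAMPLE_LOGS = [
    "HTTPS request from 10.0.1.4:52934 to www.microsoft.com:443. Action: Allow. "
    "Rule Collection: allow-ms. Rule: ms-update",
    "HTTPS request from 10.0.1.4:52935 to api.github.com:443. Action: Deny. "
    "No rule matched. Proceeding with default action",
    "HTTPS request from 10.0.1.5:41001 to api.github.com:443. Action: Deny. "
    "No rule matched. Proceeding with default action",
    "HTTPS request from 10.0.1.5:41002 to pypi.org:443. Action: Deny. "
    "No rule matched. Proceeding with default action",
    "HTTP request from 10.0.2.9:33010 to telemetry.example.net:80. Action: Deny. "
    "No rule matched. Proceeding with default action",
    "HTTP request from 10.0.2.9:33011 to telemetry.example.net:80. Action: Deny. "
    "No rule matched. Proceeding with default action",
    "HTTP request from 10.0.2.9:33012 to telemetry.example.net:80. Action: Deny. "
    "No rule matched. Proceeding with default action",
    "Unexpected line that does not match the application-rule format",
]


def parse_record(msg):
    """Return the parsed fields of one msg_s string, or None if it does not match."""
    m = MSG_RE.match(msg)
    return m.groupdict() if m else None


def summarize(msgs):
    """Aggregate per-FQDN Allow/Deny counts, source IPs and protocol:port targets.

    Returns (stats, skipped) where skipped counts lines the parser rejected,
    so a format change in the logs is noticed instead of silently ignored.
    """
    stats = {}
    skipped = 0
    for msg in msgs:
        rec = parse_record(msg)
        if rec is None:
            skipped += 1
            continue
        entry = stats.setdefault(
            rec["fqdn"], {"Allow": 0, "Deny": 0, "sources": set(), "targets": set()}
        )
        entry[rec["action"]] += 1
        entry["sources"].add(rec["src"])
        entry["targets"].add(f'{rec["proto"]}:{rec["port"]}')
    return stats, skipped


def candidate_allowlist(msgs, min_hits=2):
    """Denied FQDNs seen at least min_hits times, most frequent first.

    Each item is (fqdn, deny_count, distinct_sources, sorted targets). The
    list is input for a human review, not an automatic allow rule: a
    frequently denied name may be unwanted traffic rather than a missing rule.
    """
    stats, _ = summarize(msgs)
    rows = [
        (fqdn, s["Deny"], len(s["sources"]), sorted(s["targets"]))
        for fqdn, s in stats.items()
        if s["Deny"] >= min_hits
    ]
    return sorted(rows, key=lambda r: (-r[1], r[0]))


if __name__ == "__main__":
    stats, skipped = summarize(SAMPLE_LOGS)
    print(f"parsed {len(SAMPLE_LOGS) - skipped} records, skipped {skipped}")
    for fqdn, denies, n_src, targets in candidate_allowlist(SAMPLE_LOGS):
        print(f"{fqdn}: denied {denies}x from {n_src} source(s) on {', '.join(targets)}")
```

Run it against an export of the firewall's diagnostic logs (one `msg_s` value per line) and review the printed candidates together with who owns the source subnets; the `targets` column tells you which protocol and port an application rule for that FQDN would need.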