Monitor your Azure Network and NSG flow logs for real-time visibility into your network traffic
Identify traffic outliers
Detect outliers in denied traffic and view geographic hotspots for inbound traffic with pre-built dashboards and configurable alerts.
Comprehensive visibility
Integrate Network Watcher analysis with the Sumo Logic Apps for Azure Web Apps and Azure Audit for a full view of your Azure environment.
Improve your security
Get real-time analysis of network traffic flows to improve overall security posture and identify suspicious network traffic or important deviations.
What is Azure Network Watcher?
Azure Network Watcher is a network performance and diagnostic service that enables Azure Network monitoring. This service lets you collect “Network Security Group (NSG) Flow Logs”. NSG flows logs have 5-tuple information (source, destination, Traffic Flow, Traffic : Allowed/Denied) about ingress and egress IP traffic that are either blocked or allowed by the NSG, allowing you to troubleshoot traffic and security issues.
With the Sumo Logic App for Azure Network Watcher, you can gain real-time visibility into your Azure Network and get alerts on key metrics to rapidly identify problems and security issues.
Discover Outliers in Denied Traffic and Improve your overall Security Posture
Use Sumo Logic’s interactive dashboards to get real-time visibility into NSG flow logs, including drill-down into queries with NIC, tuple, and traffic flow information. Use the app to detect outliers in denied traffic, view geographic hotspots for inbound traffic, and filter data by rule name, source/destination IP and port, and other metadata fields.
Use the app to monitor important details like:
- Denied Traffic Flow by Source Location
- Top 10 Denied Source and Destination IP
- Denied Flow Traffic by Rule Name
- Top 10 Denied Source and Destination IP, Port
- Denied Traffic per Hour – Outlier
