Azure WAF Sentinel solution does not query resource specific table #11434
Comments
|
Hi @tschleining, Thanks for flagging this issue, we will investigate this issue and get back to you with some updates. Thanks!! |
|
Hi @tschleining, could you please provide more information regarding this issue? Clarifying these details will help us resolve it more effectively. Thanks!! |
|
Hi @tschleining, please provide more information regarding this issue. Thanks!! |
|
Hi @v-shukore - We are having the same issue. However, the sentinel connector for WAF is still quering on the AzureDiagnostics table as per the following json config. Any timeline as to when the connector will be updated so that we can start using dedicated tables instead ? Thanks! |
|
Hi @bedij03, Thanks for your response. Currently, we don't have a plan to update the connector. We will share updates with the teams once we receive any update from them will update on GitHub accordingly. Meanwhile, you can follow the steps mentioned in the document for dedicated Application Gateway resource-specific tables. |
|
Hi @tschleining @bedij03, Gentle Reminder: We are waiting for your response on this issue. If you still need to keep this issue active, please respond to it in the next 2 days. If we don't receive a response by 29-12-2024 date, we will be closing this issue. |
The Azure Web Application Firewall solution for Sentinel currently queries the AzureDiagnostics table and not the "new" resource specific AGWFirewallLogs table
Ideally the solution would allow for both locations to be queried regardless of what diagnostic setting is set for the WAF resource.
The text was updated successfully, but these errors were encountered: