You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
description: Learn how to enable and manage logs for Azure Application Gateway.
4
+
description: Explore how to use Azure Monitor to collect and analyze Application Gateway logs for better troubleshooting and data visualization.
5
+
#customer intent: As a network engineer, I want to analyze access logs for specific HTTP status codes so that I can identify and resolve problematic requests.
5
6
services: application-gateway
6
7
author: mbender-ms
7
8
ms.service: azure-application-gateway
8
9
ms.topic: concept-article
9
-
ms.date: 05/07/2025
10
-
ms.author: mbender
10
+
ms.date: 06/16/2025
11
+
ms.author: mbender
12
+
ms.custom:
13
+
- ai-gen-docs-bap
14
+
- ai-gen-description
15
+
- ai-seo-date:06/16/2025
11
16
---
12
17
13
18
# Diagnostic logs for Application Gateway
@@ -30,20 +35,20 @@ You can use different types of logs in Azure to manage and troubleshoot applicat
30
35
31
36
## Examples of optimizing access logs using Workspace Transformations
32
37
33
-
**Example 1: Selective Projection of Columns**: Imagine you have application gateway access logs with 20 columns, but you’re interested in analyzing data from only 6 specific columns. By using workspace transformation, you can project these 6 columns into your workspace, effectively excluding the other 14 columns. Even though the original data from those excluded columns won’t be stored, empty placeholders for them still appear in the Logs blade. This approach optimizes storage and ensures that only relevant data is retained for analysis.
38
+
**Example 1: Selective Projection of Columns**: Imagine you have application gateway access logs with 20 columns, but you're interested in analyzing data from only six specific columns. By using workspace transformation, you can project these six columns into your workspace, effectively excluding the other 14 columns. Even though the original data from those excluded columns won't be stored, empty placeholders for them still appear in the Logs blade. This approach optimizes storage and ensures that only relevant data is retained for analysis.
34
39
35
-
> [!NOTE]
36
-
> Within the Logs blade, selecting the **Try New Log Analytics** option gives greater control over the columns displayed in your user interface.
40
+
> [!NOTE]
41
+
> Within the Logs blade, selecting the **Try New Log Analytics** option gives greater control over the columns displayed in your user interface.
37
42
38
43
**Example 2: Focusing on Specific Status Codes**: When analyzing access logs, instead of processing all log entries, you can write a query to retrieve only rows with specific HTTP status codes (such as 4xx and 5xx). Since most requests ideally fall under the 2xx and 3xx categories (representing successful responses), focusing on the problematic status codes narrows down the data set. This targeted approach allows you to extract the most relevant and actionable information, making it both beneficial and cost-effective.
39
44
40
45
**Recommended transition strategy to move from Azure diagnostic to resource specific table:**
41
46
42
47
1. Assess current data retention: Determine the duration for which data is presently retained in the Azure diagnostics table (for example: assume the diagnostics table retains data for 15 days).
43
-
2. Establish resource-specific retention: Implement a new Diagnostic setting with resource specific table.
44
-
3. Parallel data collection: For a temporary period, collect data concurrently in both the Azure Diagnostics and the resource-specific settings.
45
-
4. Confirm data accuracy: Verify that data collection is accurate and consistent in both settings.
46
-
5. Remove Azure diagnostics setting: Remove the Azure Diagnostic setting to prevent duplicate data collection.
48
+
1. Establish resource-specific retention: Implement a new Diagnostic setting with resource specific table.
49
+
1. Parallel data collection: For a temporary period, collect data concurrently in both the Azure Diagnostics and the resource-specific settings.
50
+
1. Confirm data accuracy: Verify that data collection is accurate and consistent in both settings.
51
+
1. Remove Azure diagnostics setting: Remove the Azure Diagnostic setting to prevent duplicate data collection.
47
52
48
53
Other storage locations:
49
54
@@ -57,40 +62,40 @@ Learn more about the Azure Monitor's [diagnostic settings destinations](/azure/a
57
62
58
63
Activity logging is automatically enabled for every Resource Manager resource. You must enable access and performance logging to start collecting the data available through those logs. To enable logging, use the following steps:
59
64
60
-
1. Note your storage account's resource ID, where the log data is stored. This value is of the form: /subscriptions/\<subscriptionId\>/resourceGroups/\<resource group name\>/providers/Microsoft.Storage/storageAccounts/\<storage account name\>. You can use any storage account in your subscription. You can use the Azure portal to find this information.
65
+
1. Note your storage account's resource ID, where the log data is stored. This value is of the form: /subscriptions/\<subscriptionId\>/resourceGroups/\<resourceGroupName\>/providers/Microsoft.Storage/storageAccounts/\<storageAccountName\>. You can use any storage account in your subscription. You can use the Azure portal to find this information.
61
66
62
-
:::image type="content" source="media/application-gateway-diagnostics/diagnostics2.png" alt-text="Screenshot of storage account endpoints" lightbox="media/application-gateway-diagnostics/diagnostics2.png":::
67
+
:::image type="content" source="media/application-gateway-diagnostics/storage-endpoint-resource-id-thumb.png" alt-text="Screenshot of storage account endpoints." lightbox="media/application-gateway-diagnostics/storage-endpoint-resource-id.png":::
63
68
64
-
2. Note your application gateway's resource ID for which logging is enabled. This value is of the form: /subscriptions/\<subscriptionId\>/resourceGroups/\<resource group name\>/providers/Microsoft.Network/applicationGateways/\<application gateway name\>. You can use the portal to find this information.
69
+
1. Note your application gateway's resource ID for which logging is enabled. This value is of the form: /subscriptions/\<subscriptionId\>/resourceGroups/\<resourceGroupName\>/providers/Microsoft.Network/applicationGateways/\<applicationGatewayName\>. You can use the portal to find this information.
65
70
66
-
:::image type="content" source="media/application-gateway-diagnostics/diagnostics1.png" alt-text="Screenshot of app gateway properties" lightbox="media/application-gateway-diagnostics/diagnostics1.png":::
71
+
:::image type="content" source="media/application-gateway-diagnostics/application-gateway-endpoint-id-thumb.png" alt-text="Screenshot of app gateway properties." lightbox="media/application-gateway-diagnostics/application-gateway-endpoint-id.png":::
67
72
68
-
3. Enable diagnostic logging by using the following PowerShell cmdlet:
73
+
1. Enable diagnostic logging by using the following PowerShell cmdlet:
69
74
70
75
```powershell
71
-
Set-AzDiagnosticSetting -ResourceId /subscriptions/<subscriptionId>/resourceGroups/<resource group name>/providers/Microsoft.Network/applicationGateways/<application gateway name> -StorageAccountId /subscriptions/<subscriptionId>/resourceGroups/<resource group name>/providers/Microsoft.Storage/storageAccounts/<storage account name> -Enabled $true
>Activity logs do not require a separate storage account. The use of storage for access and performance logging incurs service charges.
80
+
>Activity logs don't require a separate storage account. The use of storage for access and performance logging incurs service charges.
76
81
77
82
## Enable logging through the Azure portal
78
83
79
84
1. In the Azure portal, find your resource and select **Diagnostic settings**.
80
85
81
86
For Application Gateway, three logs are available:
82
87
83
-
* Access log
84
-
* Performance log (available only for the v1 SKU)
85
-
* Firewall log
88
+
- Access log
89
+
- Performance log (available only for the v1 SKU)
90
+
- Firewall log
86
91
87
92
1. To start collecting data, select **Turn on diagnostics**.
88
93
89
-
![Turning on diagnostics][1]
94
+
:::image type="content" source="media/application-gateway-diagnostics/turning-on-diagnostics.png" alt-text="Screenshot of turning on diagnostics.":::
90
95
91
96
1. The **Diagnostics settings** page provides the settings for the diagnostic logs. In this example, Log Analytics stores the logs. You can also use event hubs and a storage account to save the diagnostic logs.
92
97
93
-
![Starting the configuration process][2]
98
+
:::image type="content" source="media/application-gateway-diagnostics/starting-configuration-process.png" alt-text="Screenshot of starting the configuration process.":::
94
99
95
100
1. Type a name for the settings, confirm the settings, and select **Save**.
96
101
@@ -107,17 +112,6 @@ You can also connect to your storage account and retrieve the JSON log entries f
107
112
108
113
## Next steps
109
114
110
-
* Visualize counter and event logs by using [Azure Monitor logs](/previous-versions/azure/azure-monitor/insights/azure-networking-analytics).
111
-
* [Visualize your Azure activity log with Power BI](https://powerbi.microsoft.com/blog/monitor-azure-audit-logs-with-power-bi/) blog post.
112
-
* [View and analyze Azure activity logs in Power BI and more](https://azure.microsoft.com/blog/analyze-azure-audit-logs-in-powerbi-more/) blog post.
0 commit comments