You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/ddos-protection/diagnostic-logging.md
+3-8Lines changed: 3 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,16 +5,13 @@ services: ddos-protection
5
5
author: AbdullahBell
6
6
ms.service: ddos-protection
7
7
ms.topic: how-to
8
-
ms.custom: ignite-2022
9
8
ms.workload: infrastructure-services
10
9
ms.date: 03/14/2023
11
10
ms.author: abell
12
11
---
13
12
14
13
# Configure Azure DDoS Protection diagnostic logging through portal
15
14
16
-
Azure DDoS Protection provides detailed attack insights and visualization with DDoS Attack Analytics. Customers protecting their virtual networks against DDoS attacks have detailed visibility into attack traffic and actions taken to mitigate the attack via attack mitigation reports & mitigation flow logs. Rich telemetry is exposed via Azure Monitor including detailed metrics during the duration of a DDoS attack. Alerting can be configured for any of the Azure Monitor metrics exposed by DDoS Protection. Logging can be further integrated with [Microsoft Sentinel](../sentinel/data-connectors/azure-ddos-protection.md), Splunk (Azure Event Hubs), OMS Log Analytics, and Azure Storage for advanced analysis via the Azure Monitor Diagnostics interface.
17
-
18
15
In this guide, you'll learn how to configure Azure DDoS Protection diagnostic logs, including notifications, mitigation reports and mitigation flow logs.
19
16
20
17
## Prerequisites
@@ -24,9 +21,7 @@ In this guide, you'll learn how to configure Azure DDoS Protection diagnostic lo
24
21
- In order to use diagnostic logging, you must first create a [Log Analytics workspace with diagnostic settings enabled](ddos-configure-log-analytics-workspace.md).
25
22
- DDoS monitors public IP addresses assigned to resources within a virtual network. If you don't have any resources with public IP addresses in the virtual network, you must first create a resource with a public IP address. You can monitor the public IP address of all resources deployed through Resource Manager (not classic) listed in [Virtual network for Azure services](../virtual-network/virtual-network-for-azure-services.md#services-that-can-be-deployed-into-a-virtual-network) (including Azure Load Balancers where the backend virtual machines are in the virtual network), except for Azure App Service Environments. To continue with this guide, you can quickly create a [Windows](../virtual-machines/windows/quick-create-portal.md?toc=%2fazure%2fvirtual-network%2ftoc.json) or [Linux](../virtual-machines/linux/quick-create-portal.md?toc=%2fazure%2fvirtual-network%2ftoc.json) virtual machine.
If you want to automatically enable diagnostic logging on all public IPs within an environment, skip to [Enable diagnostic logging on all public IPs](#enable-diagnostic-logging-on-all-public-ips).
24
+
## Configure diagnostic logs
30
25
31
26
1. Sign in to the [Azure portal](https://portal.azure.com/).
32
27
1. In the search box at the top of the portal, enter **Monitor**. Select **Monitor** in the search results.
@@ -67,7 +62,7 @@ If you want to automatically enable diagnostic logging on all public IPs within
67
62
| Resource group | Select the **Resource group** that contains the public IP address. |
68
63
|Resource type | Select **Public IP Addresses**.|
69
64
70
-
1. Confirm your *Diagnostic status* is **enabled**.
65
+
1. Confirm your *Diagnostic status* is **Enabled**.
71
66
72
67
## Next steps
73
68
@@ -76,4 +71,4 @@ In this guide, you learned how to configure Azure DDoS Protection diagnostic log
76
71
To learn how to configure attack alerts, continue to the next guide.
0 commit comments