Merge pull request #225096 from vhorne/fw-logging

move Network rule name logging and link back

Author: Court72

articles/firewall/firewall-network-rule-logging.md

@@ -0,0 +1,52 @@
+---
+title: Azure network rule name logging (preview)
+description: Learn about Azure network rule name logging (preview)
+services: firewall
+author: vhorne
+ms.service: firewall
+ms.topic: conceptual
+ms.date: 01/25/2023
+ms.author: victorh
+---
+
+# Azure network rule name logging (preview)
+
+
+> [!IMPORTANT]
+> This feature is currently in PREVIEW.
+> See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
+
+Currently, a network rule hit event shows the following attributes in the logs: 
+
+   - Source and destination IP/port
+   - Action (allow, or deny)
+
+ With this new feature, the event logs for network rules also show the following attributes:
+   - Policy name
+   - Rule collection group
+   - Rule collection
+   - Rule name 
+
+## Enable/disable network rule name logging
+
+To enable the Network Rule name Logging feature, the following commands need to be run in Azure PowerShell. For the feature to immediately take effect, an operation needs to be run on the firewall. This operation can be a rule change (least intrusive), a setting change, or a stop/start operation. Otherwise, the firewall/s is updated with the feature within several days.
+
+Run the following Azure PowerShell commands to configure Azure Firewall network rule name logging:
+
+```azurepowershell
+Connect-AzAccount 
+Select-AzSubscription -Subscription "subscription_id or subscription_name" 
+Register-AzProviderFeature -FeatureName AFWEnableNetworkRuleNameLogging -ProviderNamespace Microsoft.Network
+Register-AzResourceProvider -ProviderNamespace Microsoft.Network 
+```
+
+Run the following Azure PowerShell command to turn off this feature:
+
+```azurepowershell
+Unregister-AzProviderFeature -FeatureName AFWEnableNetworkRuleNameLogging -ProviderNamespace Microsoft.Network 
+```
+
+## Next steps
+
+
+- To learn more about Azure Firewall logs and metrics, see [Azure Firewall logs and metrics](logs-and-metrics.md)

articles/firewall/firewall-preview.md

@@ -29,33 +29,13 @@ The following features are available in preview.
 
 ### Network rule name logging (preview)
 
-Currently, a network rule hit event shows the following attributes in the logs: 
-
-   - Source and destination IP/port
-   - Action (allow, or deny)
-
- With this new feature, the event logs for network rules also show the following attributes:
+With this new feature, the event logs for network rules adds the following attributes:
    - Policy name
    - Rule collection group
    - Rule collection
    - Rule name 
 
-To enable the Network Rule name Logging feature, the following commands need to be run in Azure PowerShell. For the feature to immediately take effect, an operation needs to be run on the firewall. This can be a rule change (least intrusive), a setting change, or a stop/start operation. Otherwise, the firewall/s is updated with the feature within several days.
-
-Run the following Azure PowerShell commands to configure Azure Firewall network rule name logging:
-
-```azurepowershell
-Connect-AzAccount 
-Select-AzSubscription -Subscription "subscription_id or subscription_name" 
-Register-AzProviderFeature -FeatureName AFWEnableNetworkRuleNameLogging -ProviderNamespace Microsoft.Network
-Register-AzResourceProvider -ProviderNamespace Microsoft.Network 
-```
-
-Run the following Azure PowerShell command to turn off this feature:
-
-```azurepowershell
-Unregister-AzProviderFeature -FeatureName AFWEnableNetworkRuleNameLogging -ProviderNamespace Microsoft.Network 
-```
+For more information, see [Azure network rule name logging (preview)](firewall-network-rule-logging.md).
 
 ### Structured Firewall Logs (preview)
 

articles/firewall/toc.yml

@@ -67,6 +67,8 @@ items:
       href: logs-and-metrics.md
     - name: Structured Firewall Logs
       href: firewall-structured-logs.md
+    - name: Network rule name logging
+      href: firewall-network-rule-logging.md
     - name: Threat intelligence
       href: threat-intel.md
     - name: Policy rule sets