Merge pull request #298301 from duongau/patch-25

Azure Firewall - Monitor (add information about basic log)

Author: prmerger-automator[bot]

articles/firewall/monitor-firewall.md

@@ -1,7 +1,7 @@
 ---
 title: Monitor Azure Firewall
 description: You can monitor Azure Firewall using firewall logs. You can also use activity logs to audit operations on Azure Firewall resources.
-ms.date: 08/08/2024
+ms.date: 04/15/2025
 ms.custom: horz-monitor
 ms.topic: concept-article
 author: duongau
@@ -98,6 +98,8 @@ New resource specific tables are now available in Diagnostic setting that allows
 - [Top flow log](/azure/azure-monitor/reference/tables/azfwfatflow) - The Top Flows (Fat Flows) log shows the top connections that are contributing to the highest throughput through the firewall.
 - [Flow trace](/azure/azure-monitor/reference/tables/azfwflowtrace) - Contains flow information, flags, and the time period when the flows were recorded. You can see full flow information such as SYN, SYN-ACK, FIN, FIN-ACK, RST, INVALID (flows).
 
+All resource specific tables now support Basic log mode, which can reduce logging costs by up to 80%. However, [Policy Analytics](policy-analytics.md) and [Security Copilot integrations](firewall-copilot.md) aren't compatible with Basic log mode. For more information on the limitations and differences of this logging mode, see [Azure Monitor Logs](/azure/azure-monitor/logs/data-platform-logs.md#table-plans). To learn about the new querying experience, see [Query data in a basic and auxiliary table](/azure/azure-monitor/logs/basic-logs-query.md).
+
 ### Enable structured logs
 
 To enable Azure Firewall structured logs, you must first configure a Log Analytics workspace in your Azure subscription. This workspace is used to store the structured logs generated by Azure Firewall.