Version: 2.10.0

Configure NFO Azure NSG Flow Logs Modules

There are two NFO Modules reporting NSG VPC Flow Logs ingested from Microsoft Azure:

  • Azure NSG Flow Logs - reports NSG Flow Logs, translating them one-to-one in syslog or JSON formats, and enriching them with Azure data such as VM names
  • Azure Top Traffic Monitor – reports hosts with the most traffic. It consolidates NSG Flow Logs records over a period of time (the Data Collection Interval you choose) which all have the same combination of the following fields: Source IP, Destination IP, Source port, Destination port, and Layer 3 protocol. This information is provided per Subscription. The Module also enriches flows with Azure data not reported in NSG Flow Logs natively.