- Last updated on
To stream log data to a Log Analytics workspace in Microsoft Azure, you must connect your Barracuda SecureEdge with the Log Analytics workspace. For more information on Microsoft Azure Log Analytics workspaces, seehttps://docs.microsoft.com/en-us/azure/azure-monitor/log-query/get-started-portal.
Step 1. Create Log Analytics Workspace
Log into the Azure portal: https://portal.azure.com
In the left menu, clickAll services and go to Log Analytics workspaces.
In the Log Analyticsworkspaces menu, click Create.
The Create Log Analytics workspaceblade opens. In the Basics blade, enter values for the following:
Subscription – Select your subscription.
Resource Group – Select an existing resource group, or create a new, dedicated resource group for your workspace.
Name – Enter a name for the Log Analytics workspace.
Region – Select the geographical location where the data for your workspace will be stored.
Click Next :Tags.
The Tagsblade opens. Specify values for your tags.
Click Review + Create.
TheReview + Create blade opens. Verify your settings:
Click Create.
Click Refresh in the Log Analyticsworkspacesblade to display the new Log Analytics workspace.
Step 2. Retrieve Workspace ID and Workspace Key
To connect Barracuda SecureEdge with the newly created Log Analytics workspace, you need the Workspace ID and Workspace Key.
Log into the Azure portal:https://portal.azure.com
In the left menu, clickAll servicesand go toLog Analytics workspaces.
Click on the Log Analytics workspace created in Step 1.
In the left menu, click Agents.
In the Agents window, select Linux servers.
Copy WORKSPACE ID and PRIMARY KEY and save it locally.
Step 3. Connect Barracuda SecureEdge with Microsoft AzureLog Analytics Workspace
Log into Barracuda SecureEdge:https://se.barracudanetworks.com/
Go to Integration> Azure Monitor.
TheAzure Monitorpage opens, specify values for the following:
Azure Log Analytics (OMS)– Set the switch toEnable.
Workspace ID– Enter theWORKSPACE IDretrieved in Step 2.
Workspace Key– Enter thePRIMARY KEYretrieved in Step 2.
ClickSave.
Additional Information
(Optional) Configure Azure Log Analytics as the Logstream Destination on the CloudGen Firewall
If you want to configure the CloudGen Firewall to send the logstream to Microsoft Azure Log Analytics, select Microsoft OMS Security from the Logstream Destination list. For more information, see How to Configure Log Streaming to Microsoft Azure Log Analytics.
To stream logs to Microsoft Azure Log Analytics using the CEF format, you must configure Microsoft OMS Security as the streaming destination.
Data sent toLog Analytics will show up under theSyslog tag in Azure Log Analytics.Data sent to Microsoft OMS Security can be found under CommonSecurityLog, which requires Security and Audit to be enabled in the workspace (select Configure monitoring solutions and search for the solution).