Enable and configure diagnostic logging and metrics for WAF on Azure Front Door and Azure Application Gateway
Implementation Effort: Medium
User Impact: Low
Overview
Diagnostic logging and metrics are essential for understanding WAF enforcement, tuning policies, and investigating incidents across both edge and regional gateways.
For Azure Front Door, navigate to your Front Door instance in the Azure portal, open Diagnostic settings, and add a setting to your Log Analytics workspace or Storage/Event Hub. Select the FrontDoor WebApplicationFirewall Log
, FrontDoor Access Log
, or FrontDoor Health Probe Log
categories to capture every request, custom rule match, and health probe events . Front Door also emits metrics such as Web Application Firewall Request Count
andJS Challenge Request Count
that you can chart and alert on in Azure Monitor .
For Azure Application Gateway with WAF, go to your Application Gateway resource, open Diagnostic settings, and send logs to your Log Analytics workspace. Enable Application Gateway Firewall Log
, Application Gateway Performance Log
, or Application Gateway Access Log
to record WAF detections, HTTP transaction details, and performance counters . You can also leverage built-in metrics like WAF Total Requests
, WAF Managed Rule Matches
, WAF Bot Protection Matches
etc for alerting and building dashboards in Azure Monitor.