Wazuh integration with azure load balancer
41 views
Skip to first unread message
Gokul Suresh
Sep 8, 2025, 2:25:53 AM (yesterday) Sep 8
to Wazuh | Mailing List
Hi team,
Earlier, I integrated AKS logs with Wazuh following guidance from the Wazuh mailing list:
Wazuh Mailing List Reference
For AKS, this provided full audit coverage with:
Resource Logs: kube-audit, kube-audit-admin, kube-apiserver, and guard (if Azure AD auth is used)
Activity Logs: Administrative, Security, and Policy
Now, I want to integrate Azure Load Balancer logs similarly.
In Diagnostic Settings, I currently have:
ALLMETRICS
In Activity Logs, available categories include:
Administrative, Service Health, Resource Health, Alert, Autoscale, Recommendation, and Security.
Looking for recommendations on which of these should be integrated to achieve full monitoring and security coverage.
Stuti Gupta
Sep 8, 2025, 4:29:29 AM (yesterday) Sep 8
to Wazuh | Mailing List
Hi
A good option for integrating Azure Load Balancer logs with Wazuh is to configure the service to export its diagnostic logs and activity logs to an Azure Storage account, and then use the Wazuh Azure module to collect and process them.
To send the logs to Azure storage, you can refer to: https://learn.microsoft.com/en-us/answers/questions/1329357/what-are-the-ways-i-can-see-aks-logs-which-is-expo
For the wazuh Azure module, please refer to https://documentation.wazuh.com/current/cloud-security/azure/storage.html
This way, Wazuh can collect the diagnostic and activity logs, allowing you to monitor configuration changes security-related events from the load balancer.
Gokul Suresh
Sep 8, 2025, 6:18:09 AM (23 hours ago) Sep 8
to Wazuh | Mailing List
Thank you Stuti for your reply.
I would like to know one more thing.
Could you please specify which are the Azure Load Balancer logs that should be monitored by Wazuh?
I would like to know one more thing.
Could you please specify which are the Azure Load Balancer logs that should be monitored by Wazuh?
Stuti Gupta
2:46 AM (2 hours ago) 2:46 AM
to Wazuh | Mailing List
You can monitor the logs as follows:
LoadBalancerHealthEvent for that https://docs.azure.cn/en-us/load-balancer/load-balancer-monitor-alert-health-event-logs
Standard load balancer diagnostics with metrics, alerts, and resource health: https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-diagnostics
You can also refer to https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-logs/microsoft-network-loadbalancers-logs for a list of the types of logs available for Microsoft.Network/loadBalancers resource type.
Let me know if you need any further assistance
LoadBalancerHealthEvent for that https://docs.azure.cn/en-us/load-balancer/load-balancer-monitor-alert-health-event-logs
Standard load balancer diagnostics with metrics, alerts, and resource health: https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-diagnostics
You can also refer to https://learn.microsoft.com/en-us/azure/azure-monitor/reference/supported-logs/microsoft-network-loadbalancers-logs for a list of the types of logs available for Microsoft.Network/loadBalancers resource type.
Let me know if you need any further assistance
Reply all
Reply to author
Forward
0 new messages