Azure NSG denied traffic visibility
It’s possible now to check for a traffic flows that were denied by the NSG rules configured on a Subnet or VNET level.
There are two ways how you can see that traffic:
- It’s available on a Kentik Map as a sidebar “Details” widget (similar to existing AWS functionality)
- You can search for them in a Data Explorer using source and destination Firewall Action as a dimensions, and change the metric to the flow/s.This feature will be a significant aid in troubleshooting the NSG firewall issues and decrease mean time to resolution.