KQL snippet: correlate private App Service and Application Gateway
A short query to separate WAF, gateway, private DNS, access restrictions and App Service logs during a private access incident.
Read article
Tag
waf
15 articles connected to this technical signal.
Azure internal APIM: diagnose a private API before changing policies
Qualify a failure across Application Gateway, WAF, internal APIM and a private backend by separating DNS, routing, policy, identity and logs before any fix.
Read articleKQL snippet: correlate WAF and APIM on an Azure private API
A short query to see whether a private API request is blocked by Application Gateway WAF, received by APIM or missing from the expected path.
Read articleAzure: make private paths verifiable with synthetic probes
Build useful synthetic probes for DNS, TLS, Application Gateway, WAF and Private Endpoint so private Azure paths fail with evidence before production incidents.
Read articleKQL snippet: track synthetic probes for an Azure private path
A short query to track synthetic probe failures and separate DNS, TLS, WAF or Application Gateway symptoms on an Azure private path.
Read articleAzure WAF: frame an emergency custom rule without losing evidence
Apply a temporary Azure WAF custom rule with priority, KQL evidence, business validation and rollback, without permanently hiding managed-rule signals.
Read articleAzure snippet: audit WAF custom rule priorities
A short command to list custom rules in an Azure WAF policy with priority, action and type before an urgent change.
Read articleKQL snippet: list Azure WAF blocked URIs quickly
A short KQL query to identify the most blocked URIs by Azure Web Application Firewall on Application Gateway.
Read articleAzure WAF: qualify a false positive before creating an exclusion
A practical method to analyze an Azure WAF block, isolate the rule involved, compare application evidence, and decide between a fix, a targeted exclusion, or a custom rule.
Read articleAzure WAF: when to use custom rules before managed OWASP rules
Know when to add an Azure WAF custom rule to block or allow precise traffic before managed OWASP/CRS rules, without hiding useful security signals.
Read articleAzure WAF: add an OWASP/CRS exclusion without weakening all protection
Move from a qualified WAF block to a targeted OWASP/CRS exclusion in an Azure Application Gateway policy, with scope, variable, rule, validation and rollback.
Read articleWAF and KQL: identify a false positive before creating an exclusion
A KQL analysis method to qualify an Azure WAF block, distinguish attack, noise and application false positive, then document the decision before any exclusion.
Read articleAzure WAF: read Application Gateway blocks with KQL without chasing every layer
Build useful KQL queries to identify requests blocked by Azure Web Application Firewall on Application Gateway, with action, ruleId, URI, client IP, hostname and time window.
Read articleAzure Application Gateway: diagnose 502 errors without mixing DNS, TLS and backend health
A diagnostic method for Azure Application Gateway 502 errors that separates DNS resolution, probes, backend settings, TLS, hostnames, certificates and real application behavior.
Read articlePublishing a business application with Azure Application Gateway, mTLS, and a dedicated WAF policy
An operational walkthrough for publishing a controlled business application behind Azure Application Gateway with dedicated HTTPS listeners, mutual TLS, a scoped WAF policy, HTTPS backends, and network validation points.
Read article