It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda Web Application Firewall
Overview Documentation Training Certification Materials

Barracuda Web Application Firewall Integration with Microsoft Azure Sentinel

  • Last updated on

Microsoft Azure Sentinel is a scalable, cloud-native security information event management (SIEM) and security orchestration automated response (SOAR) solution that does the following:

  • Provides intelligent security analytics at cloud scale for your enterprise.
  • Collects log information from all devices and applications, both on-premises and in multiple clouds.
  • Analyzes the data and detects threats quickly with artificial intelligence (AI).

For more information about Azure Sentinel, see Microsoft Documentation.

Barracuda Web Application Firewall (WAF) integration allows you to easily connect your Barracuda Networks logs with Azure Sentinel to view dashboards, create custom alerts, and improve investigation. This integration provides greater insight into the organization’s network and improves your security operation capabilities.

Prerequisites

Integrate Barracuda Web Application Firewall with Azure Sentinel

  1. Go to the Azure Sentinel page and click Create.

    Azure_Sentinel.png

  2. On the Add Azure Sentinel to a workspace page, select the workspace you created and click Add.

    Add_Azure_Sentinel.png

  3. On the Azure Sentinel page, click on Workbooks under Threat Management and then click Add workbook.

    Add_Workbook.png

  4. On the New workbook page, click Edit.

    New_workbook.png

  5. On the Edit page, click Advanced Editor (</>).

    Edit_workbook.png

  6. On the Editor page:
    1. Select the Template Type as Gallery Template.
    2. Clear the text area.
    3. Copy and paste the Barracuda ARM Template. The Sentinel workbook template is available on GitHub.
    4. Click Apply and click Save.

      Template.png

  7. Go to the workspace you created and click Agents Management under Settings.
  8. In the left panel, click Linux servers and note down the Workspace ID, Primary key and Secondary key details.

    Agents Management.png

  9. On the Barracuda Web Application Firewall web interface:
    1. Go to the ADVANCED > Export Logs page.
    2. In the External Log Servers section, click Add Log Server and add the Microsoft Azure Log Analytics server details. See Configure the Barracuda Web Application Firewall to Integrate with the Log Analytics Server and Export Logs.
  10. You can now see the event logs and graphs displayed on Azure Sentinel.