Azure Network Watcher - Learn more about the Azure Network Watcher standard data source in Cortex XSIAM. - Administrator Guide - Cortex XSIAM - Cortex

Azure Network Watcher - Learn more about the Azure Network Watcher standard data source in Cortex XSIAM. - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM 3.x Documentation

Product

Cortex XSIAM

Creation date

2025-07-15

Last date published

2026-06-16

Category

Administrator Guide

Abstract

Learn more about the Azure Network Watcher standard data source in Cortex XSIAM.

You can configure collecting Azure Network Watcher logs using a standard data source:

Azure Network Watcher vendor	Description
Standard data source overview	Forward different types of flow logs to Cortex XSIAM from Azure Network Watcher using the Azure Network Watcher data source.
Link to standard data source instructions	The following types of flow logs can be ingested from Azure Network Watcher: Network security group (NSG) flow logs Virtual network (VNet) flow logs For more information, see Ingest network flow logs from Microsoft Azure Network Watcher.

Azure Network Watcher vendor

Description

Standard data source overview

Forward different types of flow logs to Cortex XSIAM from Azure Network Watcher using the Azure Network Watcher data source.

Link to standard data source instructions

The following types of flow logs can be ingested from Azure Network Watcher:

Network security group (NSG) flow logs
Virtual network (VNet) flow logs

For more information, see Ingest network flow logs from Microsoft Azure Network Watcher.