Centralized collection and storage of traffic logs is one of the most important pieces of any enterprise security environment and it is crucial to have the information about the source (resource requester). In most cases this is as simple as installing an agent on the server and / or forwarding the log files to the log collector / SIEM etc. However, in some cases, it is not so straight forward. Azure Application Gateway Consider an Internet facing application that you have hosted in you Azure infrastructure. Just a quick refresher, an Azure Application Gateway: is an OSI Layer-7 load-balancer is capable of performing an SSL termination is a reverse proxy (like any standard load balancer) is capable of performing health checks of the backend servers (which host the actual application content) and thereby ensure that if one of the backend servers goes down, it automatically stops sending the traffic to this bad server and thereby save you from an outage The following setup shows users en...