MicrosoftDocs
diff --git a/‎articles/firewall/media/dns-proxy/dns-query-flow.png‎
84.1 KB b/‎articles/firewall/media/dns-proxy/dns-query-flow.png‎
84.1 KB
diff --git a/‎articles/firewall/monitor-firewall-reference.md‎
Lines changed: 12 additions & 6 deletions b/‎articles/firewall/monitor-firewall-reference.md‎
Lines changed: 12 additions & 6 deletions
@@ -25,6 +25,18 @@ The following table lists the metrics available for the Microsoft.Network/azureF
 
 [!INCLUDE [Microsoft.Network/azureFirewalls](~/reusable-content/ce-skilling/azure/includes/azure-monitor/reference/metrics/microsoft-network-azurefirewalls-metrics-include.md)]
 
+
+### Observed capacity
+The Observed Capacity metric is the primary tool for understanding how your firewall is scaling in practice.
+
+Best practices for using it:
+- Validate your prescaling setup: Confirm that your firewall consistently maintains the minCapacity you’ve defined.
+- Track real-time scaling behavior: Use the Max aggregation to see the highest capacity units reached during peak events.
+- Forecast future needs: Combine historical Observed Capacity with traffic trends (e.g., monthly spikes, seasonal events) to refine your capacity planning.
+- Set proactive alerts: Configure Azure Monitor alerts on Observed Capacity thresholds (e.g., “alert me if scaling > 80% of maxCapacity”).
+- Correlate with performance metrics: Pair Observed Capacity with Throughput, Latency Probe, and SNAT Port Utilization to diagnose whether scaling is keeping up with demand.
+
+
 ### Firewall health state
 
 In the preceding table, the *Firewall health state* metric has two dimensions:
@@ -99,12 +111,6 @@ The latency probe currently uses Microsoft's Ping Mesh technology, which is base
 
 [!INCLUDE [Microsoft.Network/azureFirewalls](~/reusable-content/ce-skilling/azure/includes/azure-monitor/reference/logs/microsoft-network-azurefirewalls-logs-include.md)]
 
-Azure Firewall has two specialized diagnostic logs that can help monitor your firewall, but these logs currently do not show application rule details.
-- Top flows
-- Flow trace
-
-
-
 ## Top flows
 
 The top flows log is known in the industry as *fat flow log* and in the preceding table as *Azure Firewall Fat Flow Log*. The top flows log shows the top connections that are contributing to the highest throughput through the firewall.