Error when ingesting Azure Monitor Diagnostic Log:...

njytrde · ‎06-15-2019

Hello,

I am trying to ingest Azure Activity Logs and Azure Diagnostic logs into our Splunk cloud environment. Per another question on Azure Activity logs, I was able to find out that I needed to have port 5671 for the Activity logs.

I had that done through my network team and am now getting the Activity logs, but NOT the Diagnostic logs.

This is the error I get:

06-15-2019 02:19:57.727 -0400 ERROR ExecProcessor - message from "/opt/splunk/etc/apps/TA-Azure_Monitor/bin/azure_diagnostic_logs.sh" Modular input azure_diagnostic_logs://New Azure Monitor Diagnostic Log No connection on hub: docs05.

Is there a network route to the endpoint?

Also, this is through the Azure Monitor add-on, configured in Data Inputs. Please advise on what other port that I need open.

Thanks!

Priyankakumari1 · ‎06-15-2020

Hi, I am getting same, please let me know how you resolved this??

Error when ingesting Azure Monitor Diagnostic Log: no connection on hub docs:05

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Build the Future of Agentic AI: Join the Splunk Agentic Ops Hackathon

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

Join the Conversation