All Apps and Add-ons

MS Teams Add-On Graph subscription fails

hanselad
Explorer

Hello,

We're trying to use this add on to get MS Teams Call Quality data into Splunk. However, there is a persistent issue -- we're not able to subscribe to Graph change notifications. The error we get is 
2020-06-15 14:59:01,505 ERROR pid=13270 tid=MainThread file=base_modinput.py:log_error:309 | Could not create subscription: 400 Client Error: Bad Request for url: https://graph.microsoft.com/v1.0/subscriptions

When tried through Postman or curl, the error is 

{
  "error": {
    "code": "InvalidRequest",
    "message": "The underlying connection was closed: An unexpected error occurred on a send.",
    "innerError": {
      "date": "2020-06-15T15:08:45",
      "request-id": "bbd8c734-15e4-4439-b2bc-be49ba2a6335"
    }
  }
}
 

Anyone facing a similar error? 

@jconger 

Labels (1)
0 Karma
1 Solution

livehybrid
Builder

Its funny you mention that because I've just done the exact same using AWS LB and ACM.

The logging out of Azure isnt particularly helpful. I also ran into the SSL issue - Azure doesnt allow for non-trusted certificate, there doesnt appear to be a flag to disable.

For anyone else running into this issue, ensure that you're webhook is publicly accessible with a  publicly trusted SSL Certificate and that your Azure application has the correct API permissions to configure. the subscription.

 

View solution in original post

livehybrid
Builder

I ran in to the same problem with this - the webhook has to be externally accessible and must be https!

{
"notificationUrl": "http://myfqdn:4444",
"resource": "/communications/callRecords",
"changeType": "created, updated",
"expirationDateTime": "2020-06-18T21:36:38Z"
}

returns:

{
	"error": {
		"code": "InvalidRequest",
		"message": "NotificationUrl scheme='http' is not supported.",
		"innerError": {
			"date": "2020-06-16T21:36:39",
			"request-id": "50aa099c-21a1-4531-aeb8-f42596924e24"
		}
	}
}

 Azure must also be able to resolve the domain.

I hope this helps.

hanselad
Explorer

Hey @livehybrid  thanks for your response! Our webhook was on a HF in a DMZ, we made sure it was publicly accessible, tried https and http for the webhook but ran into similar errors.

We found the culprit this morning though -- It was a cert issue. Azure did not like what we had and the SSL termination process was not working correctly on our HF. To fix, we set up an ALB (AWS infra) and set up an HTTPS listener on it. This paired with the right cert from ACM fixed the issue for us. Hope this helps!

0 Karma

paulm
Observer

@hanselad @livehybrid when you set up the ALB did you do it with a target group? what port did you point it to? when you set up a listener, what ports did you use? I'm really struggling to get this working... the documentation on how to do this is non existent 😞

0 Karma

livehybrid
Builder

Its funny you mention that because I've just done the exact same using AWS LB and ACM.

The logging out of Azure isnt particularly helpful. I also ran into the SSL issue - Azure doesnt allow for non-trusted certificate, there doesnt appear to be a flag to disable.

For anyone else running into this issue, ensure that you're webhook is publicly accessible with a  publicly trusted SSL Certificate and that your Azure application has the correct API permissions to configure. the subscription.

 

hanselad
Explorer

Good to know we weren't the only ones with that issue. Thanks for chiming in!

0 Karma
Get Updates on the Splunk Community!

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...

Edge Processor Scaling, Energy & Manufacturing Use Cases, and More New Articles on ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Get More Out of Your Security Practice With a SIEM

Get More Out of Your Security Practice With a SIEMWednesday, July 31, 2024  |  11AM PT / 2PM ETREGISTER ...