Connecting Microsoft Monitoring Agent to Azure Log Analytics (OMS) 'Service Connector, 4007'

I have Azure VMs to connect to Azure Log Analytics. We have a very controlled network and we have to allow IPs via NSGs. Unfortunately, there is no list of Service Tag(s) to get this to work. I have reviewed the logs and found certain errors to certain URLs. I have resolved the errors using NSLookup and the Service Tag JSON dump to figure out which URL goes with which service tag in the NSG (time-consuming). I have one last error in the event log pointing to

  • 2a503930-be9f-4ce1-a779-bfb1c9d63461.oms.opinsights.azure.com

  • Service Connector

  • EventID: 4007

nslookup maps this to eus-aa-oms-b.cloudapp.net 40.71.12.250 == ServiceTag:AzureMonitor. I have ServiceTag:AzureMonitor added to the NSG.

What does this error mean and how do I resolve it?

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Service Connector" />
    <EventID Qualifiers="49152">4007</EventID>
    <Level>2</Level>
    <Task>2</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-09-11T16:16:53.691212500Z" />
    <EventRecordID>425</EventRecordID>
    <Channel>Operations Manager</Channel>
    <Computer>MSOAZDD1FXAPP01</Computer>
    <Security />
  </System>
  <EventData>
    <Data>2a503930-be9f-4ce1-a779-bfb1c9d63461.oms.opinsights.azure.com</Data>
    <Data>https://2a503930-be9f-4ce1-a779-bfb1c9d63461.oms.opinsights.azure.com/AgentService.svc/AgentTopologyRequest</Data>
    <Data>873b306f-31be-439d-bf32-19c4568f90aa</Data>
    <Data />
  </EventData>
</Event>
There are 1 best solutions below

Make sure the NSG allows 168.63.129.16 Inbound/Outbound. This is the "Azure Platform".

The public IP address 168.63.129.16 is used in all regions and all national clouds. This special public IP address is owned by Microsoft and will not change. It is allowed by the default network security group rule. We recommend that you allow this IP address in any local firewall policies in both inbound and outbound directions. The communication between this special IP address and the resources is safe because only the internal Azure platform can source a message from this IP address. If this address is blocked, unexpected behavior can occur in a variety of scenarios.

https://learn.microsoft.com/en-us/azure/virtual-network/what-is-ip-address-168-63-129-16
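
The manual lookup described in the question (resolve the hostname with nslookup, then search the Service Tag JSON for the resulting IP) can be scripted. The following is an added example, not part of the original question or answer: the function names are hypothetical, and the sample data is constructed in the layout of the downloadable Service Tags file, with made-up prefixes and regional tag names around the AzureMonitor tag and IP quoted in the question.

```python
import ipaddress
import json

# Constructed sample in the layout of the downloadable Service Tags JSON
# (values[].name, values[].properties.addressPrefixes). Prefixes are made up
# for illustration; load the real file with json.load() instead.
SAMPLE_SERVICE_TAGS = json.loads("""
{
  "cloud": "Public",
  "values": [
    {"name": "AzureMonitor",
     "properties": {"addressPrefixes": ["40.71.12.224/27", "2603:1030::/48"]}},
    {"name": "AzureMonitor.EastUS",
     "properties": {"addressPrefixes": ["40.71.12.224/27"]}},
    {"name": "AzureCloud.eastus",
     "properties": {"addressPrefixes": ["40.71.0.0/16"]}}
  ]
}
""")


def tags_for_ip(ip, service_tags):
    """Return (tag, prefix) pairs whose prefix contains ip, narrowest first."""
    addr = ipaddress.ip_address(ip)
    hits = []
    for entry in service_tags.get("values", []):
        for prefix in entry.get("properties", {}).get("addressPrefixes", []):
            net = ipaddress.ip_network(prefix, strict=False)
            # The file mixes IPv4 and IPv6 prefixes; compare like with like
            if net.version == addr.version and addr in net:
                hits.append((entry["name"], prefix, net.prefixlen))
    # Longest prefix first so the most tightly scoped tag is listed first
    hits.sort(key=lambda h: (-h[2], h[0]))
    return [(name, prefix) for name, prefix, _ in hits]


def tags_for_hosts(resolved, service_tags):
    """Map {hostname: [ips]} (e.g. collected with nslookup) to tag names."""
    return {
        host: sorted({tag for ip in ips for tag, _ in tags_for_ip(ip, service_tags)})
        for host, ips in resolved.items()
    }


if __name__ == "__main__":
    # IP as reported by nslookup in the question
    print(tags_for_ip("40.71.12.250", SAMPLE_SERVICE_TAGS))
```

An address can fall under several tags at once; listing the narrowest prefix first makes it easier to pick the most tightly scoped tag for the NSG rule.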