Open TheKrisSodroski opened 1 month ago
Same problem here.
@rmdoliveira
I've found, through much trial and error, that the VMs cannot share an Azure Monitor private link scope. As soon as you attempt to share the private link scope, the DNS records get messed up and the VM can no longer access the token endpoints.
If you run the troubleshooter like I did at the bottom of my post and post it here, maybe I can help you with your issue.
Hey @TheKrisSodroski
Could you share any insights on how you resolved the issue?
Each VNet that needs access to Azure Monitor should have its own NIC/private endpoint.
The solution which I found is updating the hosts file of my syslog collector (/etc/hosts), and I updated my DCR DNS record which I used on my private endpoint.
This solves my issue on reporting to LAW.
I have an Ubuntu 22_04 that I deploy that uses AzureMonitorLinuxAgent to send its syslogs to Log Analytics.
On first deployment, syslogs begin to be sent without issue.
But once the token refresh cycle happens, I'm unable to obtain tokens, and thus, logs stop flowing to log analytics.
mdsd.err
mdsd.info
As you can see, over time, the agent is unable to obtain a token at all.
Restarting the VM does not help, nor does restarting the azure monitor service. It is simply unable to obtain the token.
I've also given the VM full access to the internet and can verify that I can reach the private link and get the SSL cert for the private link:
MyVM-monitor-pe-kdzp.eastus-1.handler.control.monitor.azure.com
but I cannot access global.handler.control.monitor.azure.com
(no hostname exists) despite there being a DNS record.
Deleting the VM and redeploying allows it to work again, but eventually, this issue happens again.
Any help is much appreciated.
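
A resolution check for the two endpoint names quoted in this thread, as an added example that is not code from any poster or from the Azure Monitor agent. It labels each name as pinned in the hosts file (the workaround described above), resolving to a private address, resolving to a public address, or not resolving at all (the symptom in the original post). The function names and the label strings are assumptions made for this example.

```python
import ipaddress
import socket

# Hostnames quoted in the thread; the second is the poster's own regional endpoint.
ENDPOINTS = [
    "global.handler.control.monitor.azure.com",
    "MyVM-monitor-pe-kdzp.eastus-1.handler.control.monitor.azure.com",
]

def parse_hosts(text):
    """Return {hostname: ip} for hosts-file text; comments are ignored, first entry wins."""
    entries = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            for name in fields[1:]:
                entries.setdefault(name.lower(), fields[0])
    return entries

def system_resolve(name):
    """Resolve through the OS resolver; return a sorted address list, empty on failure."""
    try:
        infos = socket.getaddrinfo(name, 443, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def classify(name, hosts, resolve=system_resolve):
    """Label a name as hosts-override, private, public or unresolved."""
    override = hosts.get(name.lower())
    if override:
        return ("hosts-override", [override])
    addrs = resolve(name)
    if not addrs:
        return ("unresolved", [])
    if all(ipaddress.ip_address(a).is_private for a in addrs):
        return ("private", addrs)
    return ("public", addrs)

if __name__ == "__main__":
    try:
        with open("/etc/hosts") as fh:
            hosts = parse_hosts(fh.read())
    except OSError:
        hosts = {}
    for endpoint in ENDPOINTS:
        print(endpoint, *classify(endpoint, hosts))
```

Run it on the affected VM right after deployment and again once tokens start failing; a name that moves from `private` to `unresolved` or `public` points at the DNS records rather than at the agent.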