When the Client tries to download the Blob file from Microsoft, it seems not to send the Bearer Token with the Request:
Whatever I try, I get these error message:
[00:00:05.458] (42c) ERROR Err getting blob response error sending request for url (https://manage.office.com/api/v1.0/xxxxxx/activity/feed/subscriptions/content?contentType=Audit.AzureActiveDirectory&startTime=2024-06-19T08:01:55Z&endTime=2024-06-20T08:01:55Z&PublisherIdentifier=12345678-1234-1234-1234-123456789123): operation timed out
Connections and Permissions seems to look good. The Collector also Downloads a bunch of Content. But when the Collector tries to download the Blob, it fails.
[00:00:00.000] (210) INFO Initializing collector.
[00:00:00.000] (210) INFO Logging in to Office Management API.
[00:00:00.000] (210) DEBUG starting new connection: https://login.microsoftonline.com/
[00:00:00.263] (210) INFO Successfully logged in to Office Management API.
[00:00:00.264] (210) INFO Subscribing to audit feeds.
[00:00:00.264] (210) INFO Getting current audit feed subscriptions.
[00:00:00.264] (210) DEBUG starting new connection: https://manage.office.com/
[00:00:00.476] (210) INFO Already subscribed to feed audit.azureactivedirectory
[00:00:00.477] (210) INFO Already subscribed to feed audit.exchange
[00:00:00.479] (210) INFO Already subscribed to feed audit.general
[00:00:00.479] (210) INFO Already subscribed to feed audit.sharepoint
[00:00:00.479] (210) INFO Already subscribed to feed dlp.all
[00:00:00.479] (210) INFO All audit feeds subscriptions exist.
[00:00:00.479] (210) INFO Spawned collector threads
[00:00:00.484] (6334) DEBUG starting new connection: https://manage.office.com/
...
[00:00:05.488] (6334) WARN Error getting blob response text request or response body error: operation timed out
[00:00:05.488] (308c) WARN Retry blob 2 https://manage.office.com/api/v1.0/xxx/activity/feed/subscriptions/content?
Log from the Console
thread 'main' panicked at src\collector.rs:122:34:
Cannot block the current thread from within a runtime. This happens because a function attempted to block the current thread while the thread is being used to drive asynchronous tasks.
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
thread '<unnamed>' panicked at src\api_connection.rs:452:21:
Could not send status update, channel closed?: send failed because receiver is gone
thread '<unnamed>' panicked at src\api_connection.rs:358:25:
Could not send found content, channel closed?: send failed because receiver is gone
When the Client tries to download the Blob file from Microsoft, it seems not to send the Bearer Token with the Request:
Whatever I try, I get these error message:
[00:00:05.458] (42c) ERROR Err getting blob response error sending request for url (https://manage.office.com/api/v1.0/xxxxxx/activity/feed/subscriptions/content?contentType=Audit.AzureActiveDirectory&startTime=2024-06-19T08:01:55Z&endTime=2024-06-20T08:01:55Z&PublisherIdentifier=12345678-1234-1234-1234-123456789123): operation timed outConnections and Permissions seems to look good. The Collector also Downloads a bunch of Content. But when the Collector tries to download the Blob, it fails.
Log from the Console
Logging is also enabled: