Azure Event Hubs monitoring data reference
This article contains all the monitoring reference information for this service.
See Monitor Azure Event Hubs for details on the data you can collect for Event Hubs and how to use it.
Azure Event Hubs creates monitoring data using Azure Monitor, which is a full stack monitoring service in Azure. Azure Monitor provides a complete set of features to monitor your Azure resources. It can also monitor resources in other clouds and on-premises.
Azure Event Hubs collects the same kinds of monitoring data as other Azure resources that are described in Monitoring data from Azure resources.
Metrics
This section lists all the automatically collected platform metrics for this service. These metrics are also part of the global list of all platform metrics supported in Azure Monitor.
For information on metric retention, see Azure Monitor Metrics overview.
Supported metrics for Microsoft.EventHub/clusters
The following table lists the metrics available for the Microsoft.EventHub/clusters resource type.
- All columns might not be present in every table.
- Some columns might be beyond the viewing area of the page. Select Expand table to view all available columns.
Table headings
- Category - The metrics group or classification.
- Metric - The metric display name as it appears in the Azure portal.
- Name in REST API - The metric name as referred to in the REST API.
- Unit - Unit of measure.
- Aggregation - The default aggregation type. Valid values: Average (Avg), Minimum (Min), Maximum (Max), Total (Sum), Count.
- Dimensions - Dimensions available for the metric.
- Time Grains - Intervals at which the metric is sampled. For example,
PT1Mindicates that the metric is sampled every minute,PT30Mevery 30 minutes,PT1Hevery hour, and so on. - DS Export- Whether the metric is exportable to Azure Monitor Logs via diagnostic settings. For information on exporting metrics, see Create diagnostic settings in Azure Monitor.
| Metric | Name in REST API | Unit | Aggregation | Dimensions | Time Grains | DS Export |
|---|---|---|---|---|---|---|
| ActiveConnections Total Active Connections for Microsoft.EventHub. |
ActiveConnections |
Count | Average | <none> | PT1M | No |
| Available Memory Available memory for the Event Hub Cluster as a percentage of total memory. |
AvailableMemory |
Percent | Maximum | Role |
PT1M | No |
| Capture Backlog. Capture Backlog for Microsoft.EventHub. |
CaptureBacklog |
Count | Total (Sum) | <none> | PT1M | No |
| Captured Bytes. Captured Bytes for Microsoft.EventHub. |
CapturedBytes |
Bytes | Total (Sum) | <none> | PT1M | No |
| Captured Messages. Captured Messages for Microsoft.EventHub. |
CapturedMessages |
Count | Total (Sum) | <none> | PT1M | No |
| Connections Closed. Connections Closed for Microsoft.EventHub. |
ConnectionsClosed |
Count | Average | <none> | PT1M | No |
| Connections Opened. Connections Opened for Microsoft.EventHub. |
ConnectionsOpened |
Count | Average | <none> | PT1M | No |
| CPU CPU utilization for the Event Hub Cluster as a percentage |
CPU |
Percent | Maximum | Role |
PT1M | No |
| Incoming Bytes. Incoming Bytes for Microsoft.EventHub. |
IncomingBytes |
Bytes | Total (Sum) | <none> | PT1M | Yes |
| Incoming Messages Incoming Messages for Microsoft.EventHub. |
IncomingMessages |
Count | Total (Sum) | <none> | PT1M | Yes |
| Incoming Requests Incoming Requests for Microsoft.EventHub. |
IncomingRequests |
Count | Total (Sum) | <none> | PT1M | Yes |
| Outgoing Bytes. Outgoing Bytes for Microsoft.EventHub. |
OutgoingBytes |
Bytes | Total (Sum) | <none> | PT1M | Yes |
| Outgoing Messages Outgoing Messages for Microsoft.EventHub. |
OutgoingMessages |
Count | Total (Sum) | <none> | PT1M | Yes |
| Quota Exceeded Errors. Quota Exceeded Errors for Microsoft.EventHub. |
QuotaExceededErrors |
Count | Total (Sum) | OperationResult |
PT1M | No |
| Server Errors. Server Errors for Microsoft.EventHub. |
ServerErrors |
Count | Total (Sum) | OperationResult |
PT1M | No |
| Size Size of an EventHub in Bytes. |
Size |
Bytes | Average, Minimum, Maximum | Role |
PT1M | No |
| Successful Requests Successful Requests for Microsoft.EventHub. |
SuccessfulRequests |
Count | Total (Sum) | OperationResult |
PT1M | No |
| Throttled Requests. Throttled Requests for Microsoft.EventHub. |
ThrottledRequests |
Count | Total (Sum) | OperationResult |
PT1M | No |
| User Errors. User Errors for Microsoft.EventHub. |
UserErrors |
Count | Total (Sum) | OperationResult |
PT1M | No |
Supported metrics for Microsoft.EventHub/Namespaces
The following table lists the metrics available for the Microsoft.EventHub/Namespaces resource type.
- All columns might not be present in every table.
- Some columns might be beyond the viewing area of the page. Select Expand table to view all available columns.
Table headings
- Category - The metrics group or classification.
- Metric - The metric display name as it appears in the Azure portal.
- Name in REST API - The metric name as referred to in the REST API.
- Unit - Unit of measure.
- Aggregation - The default aggregation type. Valid values: Average (Avg), Minimum (Min), Maximum (Max), Total (Sum), Count.
- Dimensions - Dimensions available for the metric.
- Time Grains - Intervals at which the metric is sampled. For example,
PT1Mindicates that the metric is sampled every minute,PT30Mevery 30 minutes,PT1Hevery hour, and so on. - DS Export- Whether the metric is exportable to Azure Monitor Logs via diagnostic settings. For information on exporting metrics, see Create diagnostic settings in Azure Monitor.
| Metric | Name in REST API | Unit | Aggregation | Dimensions | Time Grains | DS Export |
|---|---|---|---|---|---|---|
| ActiveConnections Total Active Connections for Microsoft.EventHub. |
ActiveConnections |
Count | Maximum, Minimum, Average | <none> | PT1M | No |
| Capture Backlog. Capture Backlog for Microsoft.EventHub. |
CaptureBacklog |
Count | Total (Sum) | EntityName |
PT1M | No |
| Captured Bytes. Captured Bytes for Microsoft.EventHub. |
CapturedBytes |
Bytes | Total (Sum) | EntityName |
PT1M | No |
| Captured Messages. Captured Messages for Microsoft.EventHub. |
CapturedMessages |
Count | Total (Sum) | EntityName |
PT1M | No |
| Connections Closed. Connections Closed for Microsoft.EventHub. |
ConnectionsClosed |
Count | Maximum | EntityName |
PT1M | No |
| Connections Opened. Connections Opened for Microsoft.EventHub. |
ConnectionsOpened |
Count | Maximum | EntityName |
PT1M | No |
| Archive backlog messages (Deprecated) Event Hub archive messages in backlog for a namespace (Deprecated) |
EHABL |
Count | Total (Sum) | <none> | PT1M | Yes |
| Archive message throughput (Deprecated) Event Hub archived message throughput in a namespace (Deprecated) |
EHAMBS |
Bytes | Total (Sum) | <none> | PT1M | Yes |
| Archive messages (Deprecated) Event Hub archived messages in a namespace (Deprecated) |
EHAMSGS |
Count | Total (Sum) | <none> | PT1M | Yes |
| Incoming bytes (Deprecated) Event Hub incoming message throughput for a namespace (Deprecated) |
EHINBYTES |
Bytes | Total (Sum) | <none> | PT1M | Yes |
| Incoming bytes (obsolete) (Deprecated) Event Hub incoming message throughput for a namespace. This metric is deprecated. Please use Incoming bytes metric instead (Deprecated) |
EHINMBS |
Bytes | Total (Sum) | <none> | PT1M | Yes |
| Incoming Messages (Deprecated) Total incoming messages for a namespace (Deprecated) |
EHINMSGS |
Count | Total (Sum) | <none> | PT1M | Yes |
| Outgoing bytes (Deprecated) Event Hub outgoing message throughput for a namespace (Deprecated) |
EHOUTBYTES |
Bytes | Total (Sum) | <none> | PT1M | Yes |
| Outgoing bytes (obsolete) (Deprecated) Event Hub outgoing message throughput for a namespace. This metric is deprecated. Please use Outgoing bytes metric instead (Deprecated) |
EHOUTMBS |
Bytes | Total (Sum) | <none> | PT1M | Yes |
| Outgoing Messages (Deprecated) Total outgoing messages for a namespace (Deprecated) |
EHOUTMSGS |
Count | Total (Sum) | <none> | PT1M | Yes |
| Failed Requests (Deprecated) Total failed requests for a namespace (Deprecated) |
FAILREQ |
Count | Total (Sum) | <none> | PT1M | Yes |
| Incoming Bytes. Incoming Bytes for Microsoft.EventHub. |
IncomingBytes |
Bytes | Total (Sum) | EntityName |
PT1M | Yes |
| Incoming Messages Incoming Messages for Microsoft.EventHub. |
IncomingMessages |
Count | Total (Sum) | EntityName |
PT1M | Yes |
| Incoming Requests Incoming Requests for Microsoft.EventHub. |
IncomingRequests |
Count | Total (Sum) | EntityName |
PT1M | Yes |
| Incoming Messages (obsolete) (Deprecated) Total incoming messages for a namespace. This metric is deprecated. Please use Incoming Messages metric instead (Deprecated) |
INMSGS |
Count | Total (Sum) | <none> | PT1M | Yes |
| Incoming Requests (Deprecated) Total incoming send requests for a namespace (Deprecated) |
INREQS |
Count | Total (Sum) | <none> | PT1M | Yes |
| Internal Server Errors (Deprecated) Total internal server errors for a namespace (Deprecated) |
INTERR |
Count | Total (Sum) | <none> | PT1M | Yes |
| Other Errors (Deprecated) Total failed requests for a namespace (Deprecated) |
MISCERR |
Count | Total (Sum) | <none> | PT1M | Yes |
| CPU CPU usage metric for Premium SKU namespaces. |
NamespaceCpuUsage |
Percent | Maximum, Minimum, Average | Replica |
PT1M | No |
| Memory Usage Memory usage metric for Premium SKU namespaces. |
NamespaceMemoryUsage |
Percent | Maximum, Minimum, Average | Replica |
PT1M | No |
| Outgoing Bytes. Outgoing Bytes for Microsoft.EventHub. |
OutgoingBytes |
Bytes | Total (Sum) | EntityName |
PT1M | Yes |
| Outgoing Messages Outgoing Messages for Microsoft.EventHub. |
OutgoingMessages |
Count | Total (Sum) | EntityName |
PT1M | Yes |
| Outgoing Messages (obsolete) (Deprecated) Total outgoing messages for a namespace. This metric is deprecated. Please use Outgoing Messages metric instead (Deprecated) |
OUTMSGS |
Count | Total (Sum) | <none> | PT1M | Yes |
| Quota Exceeded Errors. Quota Exceeded Errors for Microsoft.EventHub. |
QuotaExceededErrors |
Count | Total (Sum) | EntityName, OperationResult |
PT1M | No |
| ReplicationLagCount Replication lag by message count |
ReplicationLagCount |
Count | Maximum, Minimum, Average | EntityName |
PT1M | No |
| ReplicationLagDuration Replication lag by time duration |
ReplicationLagDuration |
Seconds | Maximum, Minimum, Average | EntityName |
PT1M | Yes |
| Server Errors. Server Errors for Microsoft.EventHub. |
ServerErrors |
Count | Total (Sum) | EntityName, OperationResult |
PT1M | No |
| Size Size of an EventHub in Bytes. |
Size |
Bytes | Average, Minimum, Maximum | EntityName |
PT1M | No |
| Successful Requests Successful Requests for Microsoft.EventHub. |
SuccessfulRequests |
Count | Total (Sum) | EntityName, OperationResult |
PT1M | No |
| Successful Requests (Deprecated) Total successful requests for a namespace (Deprecated) |
SUCCREQ |
Count | Total (Sum) | <none> | PT1M | Yes |
| Server Busy Errors (Deprecated) Total server busy errors for a namespace (Deprecated) |
SVRBSY |
Count | Total (Sum) | <none> | PT1M | Yes |
| Throttled Requests. Throttled Requests for Microsoft.EventHub. |
ThrottledRequests |
Count | Total (Sum) | EntityName, OperationResult |
PT1M | No |
| User Errors. User Errors for Microsoft.EventHub. |
UserErrors |
Count | Total (Sum) | EntityName, OperationResult |
PT1M | No |
The following tables list all the automatically collected platform metrics collected for Azure Event Hubs. The resource provider for these metrics is Microsoft.EventHub/clusters or Microsoft.EventHub/namespaces.
Request metrics count the number of data and management operations requests. This table provides more information about values from the preceding tables.
| Metric name | Description |
|---|---|
| Incoming Requests | The number of requests made to the Event Hubs service over a specified period. This metric includes all the data and management plane operations. |
| Successful Requests | The number of successful requests made to the Event Hubs service over a specified period. |
| Throttled Requests | The number of requests that were throttled because the usage was exceeded. |
This table provides more information for message metrics from the preceding tables.
| Metric name | Description |
|---|---|
| Incoming Messages | The number of events or messages sent to Event Hubs over a specified period. |
| Outgoing Messages | The number of events or messages received from Event Hubs over a specified period. |
| Captured Messages | The number of captured messages. |
| Incoming Bytes | Incoming bytes for an event hub over a specified period. |
| Outgoing Bytes | Outgoing bytes for an event hub over a specified period. |
| Size | Size of an event hub in bytes. |
Note
- These values are point-in-time values. Incoming messages that are consumed immediately after that point-in-time might not be reflected in these metrics.
- The Incoming Requests metric includes all the data and management plane operations. The Incoming Messages metric gives you the total number of events that are sent to the event hub. For example, if you send a batch of 100 events to an event hub, it counts as 1 incoming request and 100 incoming messages.
This table provides more information for capture metrics from the preceding tables.
| Metric name | Description |
|---|---|
| Captured Messages | The number of captured messages. |
| Captured Bytes | Captured bytes for an event hub. |
| Capture Backlog | Capture backlog for an event hub. |
This table provides more information for connection metrics from the preceding tables.
| Metric name | Description |
|---|---|
| Active Connections | The number of active connections on a namespace and on an entity (event hub) in the namespace. Value for this metric is a point-in-time value. Connections that were active immediately after that point-in-time might not be reflected in the metric. |
| Connections Opened | The number of open connections. |
| Connections Closed | The number of closed connections. |
This table provides more information for error metrics from the preceding tables.
| Metric name | Description |
|---|---|
| Server Errors | The number of requests not processed because of an error in the Event Hubs service over a specified period. |
| User Errors | The number of requests not processed because of user errors over a specified period. |
| Quota Exceeded Errors | The number of errors caused by exceeding quotas over a specified period. |
The following two types of errors are classified as user errors:
- Client-side errors (In HTTP that would be 400 errors).
- Errors that occur while processing messages.
Note
Logic Apps creates epoch receivers. Receivers can be moved from one node to another depending on the service load. During those moves, ReceiverDisconnection exceptions might occur. They are counted as user errors on the Event Hubs service side. Logic Apps can collect failures from Event Hubs clients so that you can view them in user logs.
Metric dimensions
For information about what metric dimensions are, see Multi-dimensional metrics.
This service has the following dimensions associated with its metrics.
| Dimension name | Description |
|---|---|
| EntityName | Name of the event hub. With the 'Incoming Requests' metric, the Entity Name dimension has a value of -NamespaceOnlyMetric- in addition to all your event hubs. It represents the requests that were made at the namespace level. Examples include a request to list all event hubs in the namespace or requests to entities that failed authentication or authorization. |
| OperationResult | Either indicates success or the appropriate error state, such as serverbusy, clienterror or quotaexceeded. |
Adding dimensions to your metrics is optional. If you don't add dimensions, metrics are specified at the namespace level.
Note
When you enable metrics in a diagnostic setting, dimension information isn't currently included as part of the information sent to a storage account, event hub, or log analytics.
Resource logs
This section lists the types of resource logs you can collect for this service. The section pulls from the list of all resource logs category types supported in Azure Monitor.
Supported resource logs for Microsoft.EventHub/Namespaces
| Category | Category display name | Log table | Supports basic log plan | Supports ingestion-time transformation | Example queries | Costs to export |
|---|---|---|---|---|---|---|
ApplicationMetricsLogs |
Application Metrics Logs | AZMSApplicationMetricLogs Captures application metrics(incoming/outgoing, successful/failed, etc. message delivery) for Azure Event Hubs and Azure Service Bus. |
Yes | No | Yes | |
ArchiveLogs |
Archive Logs | AZMSArchiveLogs Captures information about Event Hubs capture operations, specifically, logs related to capture errors. |
Yes | No | No | |
AutoScaleLogs |
Auto Scale Logs | AZMSAutoscaleLogs Captures auto-inflate operations done on an Event Hubs namespace. |
Yes | No | No | |
CustomerManagedKeyUserLogs |
Customer Managed Key Logs | No | No | No | ||
DataDRLogs |
DataDR Logs | AzureDiagnostics Logs from multiple Azure resources. |
No | No | Queries | Yes |
DiagnosticErrorLogs |
Diagnostic Error Logs | AZMSDiagnosticErrorLogs Captures aggregated diagnostic information such as client errors , server busy errors and quota exceeded errors for various data plane access operations (such as send or receive messages) in Azure Event Hubs and Azure Service Bus. |
Yes | No | Queries | Yes |
EventHubVNetConnectionEvent |
VNet/IP Filtering Connection Logs | AZMSVnetConnectionEvents Captures all virtual network and IP filtering logs for Azure Event Hubs and Azure Service Bus. These would only be emitted if namespace allows access from selected networks or from specific IP address (IP Filter rules). |
Yes | No | Queries | No |
KafkaCoordinatorLogs |
Kafka Coordinator Logs | AZMSKafkaCoordinatorLogs Captures kafka coordinator operations related to Event Hubs. |
Yes | No | No | |
KafkaUserErrorLogs |
Kafka User Error Logs | AZMSKafkaUserErrorLogs Captures information about kafka APIs called on Event Hubs. |
Yes | No | No | |
OperationalLogs |
Operational Logs | AZMSOperationalLogs Captures all management operations that are performed on the Azure Event Hubs/Azure Service Bus namespace and its entities. |
Yes | No | Queries | No |
RuntimeAuditLogs |
Runtime Audit Logs | AZMSRunTimeAuditLogs Captures aggregated diagnostic information for various data plane access operations (such as send or receive messages) in Azure Event Hubs and Azure Service Bus. Runtime audit logs are currently available only in premium tier. |
Yes | No | Queries | Yes |
Azure Monitor Logs tables
This section lists the Azure Monitor Logs tables relevant to this service, which are available for query by Log Analytics using Kusto queries. The tables contain resource log data and possibly more depending on what is collected and routed to them.
Event Hubs Microsoft.EventHub/namespaces
- AzureActivity
- AzureMetrics
- AzureDiagnostics
- AZMSApplicationMetricLogs
- AZMSOperationalLogs
- AZMSRunTimeAuditLogs
- AZMSDiagnosticErrorLogs
- AZMSVnetConnectionEvents
- AZMSArchiveLogs
- AZMSAutoscaleLogs
- AZMSKafkaCoordinatorLogs
- AZMSKafkaUserErrorLogs
- AZMSCustomerManagedKeyUserLogs
Event Hubs resource logs
Azure Event Hubs now has the capability to dispatch logs to either of two destination tables: Azure Diagnostic or Resource specific tables in Log Analytics. You could use the toggle available on Azure portal to choose destination tables.
Azure Event Hubs uses Kusto tables from Azure Monitor Logs. You can query these tables with Log Analytics.
You can view our sample queries to get started with different log categories.
Important
Dimensions aren't exported to a Log Analytics workspace.
Event Hubs captures diagnostic logs for the following categories:
| Category | Description |
|---|---|
| Archive Logs | Captures information about Event Hubs Capture operations, specifically, logs related to capture errors. |
| Operational Logs | Capture all management operations that are performed on the Azure Event Hubs namespace. Data operations aren't captured, because of the high volume of data operations that are conducted on Azure Event Hubs. |
| Auto scale logs | Captures autoinflate operations done on an Event Hubs namespace. |
| Kafka coordinator logs | Captures Kafka coordinator operations related to Event Hubs. |
| Kafka user error logs | Captures information about Kafka APIs called on Event Hubs. |
| Event Hubs virtual network connection event | Captures information about IP addresses and virtual networks sending traffic to Event Hubs. |
| Customer-managed key user logs | Captures operations related to customer-managed key. |
| Runtime Audit Logs | Capture aggregated diagnostic information for all data plane access operations (such as send or receive events) in Event Hubs. |
| Application Metric Logs | Capture the aggregated information on certain metrics related to data plane operations. |
All logs are stored in JavaScript Object Notation (JSON) format. Each entry has string fields that use the format described in the following sections.
Archive logs schema
Archive log JSON strings include elements listed in the following table:
| Name | Description | Supported in Azure Diagnostics | Supported in AZMSArchiveLogs (Resource specific table) |
|---|---|---|---|
TaskName |
Description of the task that failed | Yes | Yes |
ActivityId |
Internal ID, used for tracking | Yes | Yes |
trackingId |
Internal ID, used for tracking | Yes | Yes |
resourceId |
Azure Resource Manager resource ID | yes | Yes |
eventHub |
Event hub full name (includes namespace name) | Yes | No |
EventhubName |
Name of event hub entity | No | Yes |
partitionId |
Event hub's partition being written to | Yes | Yes |
archiveStep |
possible values: ArchiveFlushWriter, DestinationInit | Yes | Yes |
startTime |
Failure start time | Yes | No |
Time Generated (UTC) |
Timestamp of operation | No | Yes |
failures |
Number of times the failure occurred | Yes | Yes |
durationInSeconds |
Duration of failure | Yes | Yes |
message |
Error message | Yes | Yes |
category |
Log Category | Yes | No |
Provider |
Name of the service emitting the logs, for example, Event Hubs | No | Yes |
Type |
Type of log emitted | No | Yes |
The following code is an example of an archive log JSON string:
AzureDiagnostics:
{
"TaskName": "EventHubArchiveUserError",
"ActivityId": "000000000-0000-0000-0000-0000000000000",
"trackingId": "0000000-0000-0000-0000-00000000000000000",
"resourceId": "/SUBSCRIPTIONS/000000000-0000-0000-0000-0000000000000/RESOURCEGROUPS/<Resource Group Name>/PROVIDERS/MICROSOFT.EVENTHUB/NAMESPACES/<Event Hubs Namespace Name>",
"eventHub": "<Event Hub full name>",
"partitionId": "1",
"archiveStep": "ArchiveFlushWriter",
"startTime": "9/22/2016 5:11:21 AM",
"failures": 3,
"durationInSeconds": 360,
"message": "Microsoft.WindowsAzure.Storage.StorageException: The remote server returned an error: (404) Not Found. ---> System.Net.WebException: The remote server returned an error: (404) Not Found.\r\n at Microsoft.WindowsAzure.Storage.Shared.Protocol.HttpResponseParsers.ProcessExpectedStatusCodeNoException[T](HttpStatusCode expectedStatusCode, HttpStatusCode actualStatusCode, T retVal, StorageCommandBase`1 cmd, Exception ex)\r\n at Microsoft.WindowsAzure.Storage.Blob.CloudBlockBlob.<PutBlockImpl>b__3e(RESTCommand`1 cmd, HttpWebResponse resp, Exception ex, OperationContext ctx)\r\n at Microsoft.WindowsAzure.Storage.Core.Executor.Executor.EndGetResponse[T](IAsyncResult getResponseResult)\r\n --- End of inner exception stack trace ---\r\n at Microsoft.WindowsAzure.Storage.Core.Util.StorageAsyncResult`1.End()\r\n at Microsoft.WindowsAzure.Storage.Core.Util.AsyncExtensions.<>c__DisplayClass4.<CreateCallbackVoid>b__3(IAsyncResult ar)\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.",
"category": "ArchiveLogs"
}
Resource specific table entry:
{
"TaskName": "EventHubArchiveUserError",
"ActivityId": "000000000-0000-0000-0000-0000000000000",
"trackingId": "0000000-0000-0000-0000-00000000000000000",
"resourceId": "/SUBSCRIPTIONS/000000000-0000-0000-0000-0000000000000/RESOURCEGROUPS/<Resource Group Name>/PROVIDERS/MICROSOFT.EVENTHUB/NAMESPACES/<Event Hubs Namespace Name>",
"EventHubName": "<Event Hub full name>",
"partitionId": "1",
"archiveStep": "ArchiveFlushWriter",
"TimeGenerated(UTC)": "9/22/2016 5:11:21 AM",
"failures": 3,
"durationInSeconds": 360,
"message": "Microsoft.WindowsAzure.Storage.StorageException: The remote server returned an error: (404) Not Found. ---> System.Net.WebException: The remote server returned an error: (404) Not Found.\r\n at Microsoft.WindowsAzure.Storage.Shared.Protocol.HttpResponseParsers.ProcessExpectedStatusCodeNoException[T](HttpStatusCode expectedStatusCode, HttpStatusCode actualStatusCode, T retVal, StorageCommandBase`1 cmd, Exception ex)\r\n at Microsoft.WindowsAzure.Storage.Blob.CloudBlockBlob.<PutBlockImpl>b__3e(RESTCommand`1 cmd, HttpWebResponse resp, Exception ex, OperationContext ctx)\r\n at Microsoft.WindowsAzure.Storage.Core.Executor.Executor.EndGetResponse[T](IAsyncResult getResponseResult)\r\n --- End of inner exception stack trace ---\r\n at Microsoft.WindowsAzure.Storage.Core.Util.StorageAsyncResult`1.End()\r\n at Microsoft.WindowsAzure.Storage.Core.Util.AsyncExtensions.<>c__DisplayClass4.<CreateCallbackVoid>b__3(IAsyncResult ar)\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at System.",
"Provider":"EVENTHUB",
"Type":"AZMSArchiveLogs"
}
Operational logs schema
Operational log JSON strings include elements listed in the following table:
| Name | Description | Supported in AzureDiagnostics | Supported in AZMSOperationalLogs (Resource specific table) |
|---|---|---|---|
ActivityId |
Internal ID, used for tracking purposes | Yes | Yes |
EventName |
Operation name. For a list of values for this element, see the Event names | Yes | Yes |
resourceId |
Azure Resource Manager resource ID | Yes | Yes |
SubscriptionId |
Subscription ID | Yes | Yes |
EventTimeString |
Operation time | Yes | No |
Time Generated (UTC) |
Timestamp of operation | No | Yes |
EventProperties |
Properties for the operation. This element provides more information about the event as shown in the following example. | Yes | Yes |
Status |
Operation status. The value can be either Succeeded or Failed. | Yes | Yes |
Caller |
Caller of operation (Azure portal or management client) | Yes | Yes |
Category |
Log Category | Yes | No |
Provider |
Name of the service emitting the logs, for example, Event Hubs | No | Yes |
Type |
Type of logs emitted | No | Yes |
The following code is an example of an operational log JSON string:
AzureDiagnostics:
Example:
{
"ActivityId": "00000000-0000-0000-0000-00000000000000",
"EventName": "Create EventHub",
"resourceId": "/SUBSCRIPTIONS/00000000-0000-0000-0000-0000000000000/RESOURCEGROUPS/<Resource Group Name>/PROVIDERS/MICROSOFT.EVENTHUB/NAMESPACES/<Event Hubs namespace name>",
"SubscriptionId": "000000000-0000-0000-0000-000000000000",
"EventTimeString": "9/28/2016 8:40:06 PM +00:00",
"EventProperties": "{\"SubscriptionId\":\"0000000000-0000-0000-0000-000000000000\",\"Namespace\":\"<Namespace Name>\",\"Via\":\"https://<Namespace Name>.servicebus.windows.net/f8096791adb448579ee83d30e006a13e/?api-version=2016-07\",\"TrackingId\":\"5ee74c9e-72b5-4e98-97c4-08a62e56e221_G1\"}",
"Status": "Succeeded",
"Caller": "ServiceBus Client",
"category": "OperationalLogs"
}
Resource specific table entry:
Example:
{
"ActivityId": "00000000-0000-0000-0000-00000000000000",
"EventName": "Create EventHub",
"resourceId": "/SUBSCRIPTIONS/00000000-0000-0000-0000-0000000000000/RESOURCEGROUPS/<Resource Group Name>/PROVIDERS/MICROSOFT.EVENTHUB/NAMESPACES/<Event Hubs namespace name>",
"SubscriptionId": "000000000-0000-0000-0000-000000000000",
"TimeGenerated (UTC)": "9/28/2016 8:40:06 PM +00:00",
"EventProperties": "{\"SubscriptionId\":\"0000000000-0000-0000-0000-000000000000\",\"Namespace\":\"<Namespace Name>\",\"Via\":\"https://<Namespace Name>.servicebus.windows.net/f8096791adb448579ee83d30e006a13e/?api-version=2016-07\",\"TrackingId\":\"5ee74c9e-72b5-4e98-97c4-08a62e56e221_G1\"}",
"Status": "Succeeded",
"Caller": "ServiceBus Client",
"Provider": "EVENTHUB",
"Type":"AZMSOperationalLogs"
}
Event names
Event name is populated as operation type + resource type from the following enumerations. For example, Create Queue, Retrieve Event Hub, or Delete Rule.
| Operation type | Resource type |
|---|---|
| - Create - Update - Delete - Retrieve - Unknown |
- Namespace - Queue - Topic - Subscription - Event Hubs - SharedAccessPolicy - UsageCredit - Rule - ConsumerGroup |
Autoscale logs schema
Autoscale log JSON includes elements listed in the following table:
| Name | Description | Supported in Azure Diagnostics | Supported in AZMSAutoscaleLogs (Resource specific table) |
|---|---|---|---|
TrackingId |
Internal ID, which is used for tracing purposes | Yes | Yes |
ResourceId |
Azure Resource Manager resource ID. | Yes | Yes |
Message |
Informational message, which provides details about autoinflate action. The message contains previous and current value of throughput unit for a given namespace and what triggered the inflate of the TU. | Yes | Yes |
Time Generated (UTC) |
Timestamp of operation | No | Yes |
Provider |
Name of Service emitting the logs, for example, Event Hubs | No | Yes |
Type |
Type of logs emitted | No | Yes |
Here's an example autoscale event:
AzureDiagnostics:
{
"TrackingId": "fb1b3676-bb2d-4b17-85b7-be1c7aa1967e",
"Message": "Scaled-up EventHub TUs (UpdateStartTimeUTC: 5/13/2021 7:48:36 AM, PreviousValue: 1, UpdatedThroughputUnitValue: 2, AutoScaleReason: 'IncomingMessagesPerSecond reached 2170')",
"ResourceId": "/subscriptions/0000000-0000-0000-0000-000000000000/resourcegroups/testrg/providers/microsoft.eventhub/namespaces/namespace-name"
}
Resource specific table entry:
{
"TrackingId": "fb1b3676-bb2d-4b17-85b7-be1c7aa1967e",
"Message": "Scaled-up EventHub TUs (UpdateStartTimeUTC: 5/13/2021 7:48:36 AM, PreviousValue: 1, UpdatedThroughputUnitValue: 2, AutoScaleReason: 'IncomingMessagesPerSecond reached 2170')",
"ResourceId": "/subscriptions/0000000-0000-0000-0000-000000000000/resourcegroups/testrg/providers/microsoft.eventhub/namespaces/namespace-name",
"timeGenerated (UTC) : "9/28/2022 8:40:06 PM +00:00",
"Provider" : "EVENTHUB",
"Type" : "AZMSAutoscaleLogs"
}
Kafka coordinator logs schema
Kafka coordinator log JSON includes elements listed in the following table:
| Name | Description | Supported in Azure Diagnostics | Supported in AZMSKafkaCoordinatorLogs (Resource specific table) |
|---|---|---|---|
RequestId |
Request ID, which is used for tracing purposes | Yes | Yes |
ResourceId |
Azure Resource Manager resource ID | Yes | Yes |
Operation |
Name of the operation done during the group coordination | Yes | Yes |
ClientId |
Client ID | Yes | Yes |
NamespaceName |
Namespace name | Yes | Yes |
SubscriptionId |
Azure subscription ID | Yes | Yes |
Message |
Informational or warning message, which provides details about actions done during the group coordination. | Yes | Yes |
Time Generated (UTC) |
Timestamp of operation | No | Yes |
Provider |
Name of Service emitting the logs, for example, ServiceBus | No | Yes |
Type |
Type of log emitted | No | Yes |
Example
AzureDiagnostics:
{
"RequestId": "FE01001A89E30B020000000304620E2A_KafkaExampleConsumer#0",
"Operation": "Join.Start",
"ClientId": "KafkaExampleConsumer#0",
"Message": "Start join group for new member namespace-name:c:$default:I:KafkaExampleConsumer#0-cc40856f7f3c4607915a571efe994e82, current group size: 0, API version: 2, session timeout: 10000ms, rebalance timeout: 300000ms.",
"SubscriptionId": "0000000-0000-0000-0000-000000000000",
"NamespaceName": "namespace-name",
"ResourceId": "/subscriptions/0000000-0000-0000-0000-000000000000/resourcegroups/testrg/providers/microsoft.eventhub/namespaces/namespace-name",
"Category": "KafkaCoordinatorLogs"
}
Resource Specific table entry:
{
"RequestId": "FE01001A89E30B020000000304620E2A_KafkaExampleConsumer#0",
"Operation": "Join.Start",
"ClientId": "KafkaExampleConsumer#0",
"Message": "Start join group for new member namespace-name:c:$default:I:KafkaExampleConsumer#0-cc40856f7f3c4607915a571efe994e82, current group size: 0, API version: 2, session timeout: 10000ms, rebalance timeout: 300000ms.",
"SubscriptionId": "0000000-0000-0000-0000-000000000000",
"NamespaceName": "namespace-name",
"ResourceId": "/subscriptions/0000000-0000-0000-0000-000000000000/resourcegroups/testrg/providers/microsoft.eventhub/namespaces/namespace-name",
"Time Generated (UTC) ": "9/28/2022 8:40:06 PM +00:00",
"Provider" : "EVENTHUB",
"Type" : "AZMSKafkaCoordinatorLogs"
}
Kafka user error logs schema
Kafka user error log JSON includes elements listed in the following table:
| Name | Description | Supported in Azure Diagnostics | Supported in AZMSKafkaUserErrorLogs (Resource specific table) |
|---|---|---|---|
TrackingId |
Tracking ID, which is used for tracing purposes. | Yes | Yes |
NamespaceName |
Namespace name | Yes | Yes |
Eventhub |
Event hub name | Yes | Yes |
PartitionId |
Partition ID | Yes | Yes |
GroupId |
Group ID | Yes | Yes |
ClientId |
Client ID | Yes | Yes |
ResourceId |
Azure Resource Manager resource ID. | Yes | Yes |
Message |
Informational message, which provides details about an error | Yes | Yes |
TimeGenerated (UTC) |
Timestamp for executed operation | No | Yes |
Provider |
Name of service emitting the logs, for example, Event Hubs | No | Yes |
Type |
Type of log emitted | NO | Yes |
Event Hubs virtual network connection event schema
Event Hubs virtual network (virtual network) connection event JSON includes elements listed in the following table:
| Name | Description | Supported in Azure Diagnostics | Supported in AZMSVNetConnectionevents (Resource specific table) |
|---|---|---|---|
SubscriptionId |
Azure subscription ID | Yes | Yes |
NamespaceName |
Namespace name | Yes | Yes |
IPAddress |
IP address of a client connecting to the Event Hubs service | Yes | Yes |
Action |
Action done by the Event Hubs service when evaluating connection requests. Supported actions are Accept Connection and Deny Connection. | Yes | Yes |
Reason |
Provides a reason why the action was done | Yes | No |
Message |
Provides a reason why the action was done | No | Yes |
Count |
Number of occurrences for the given action | Yes | Yes |
ResourceId |
Azure Resource Manager resource ID. | Yes | Yes |
Time Generated (UTC) |
Timestamp of operation | No | Yes |
Provider |
Name of Service emitting the logs, for example, ServiceBus | No | Yes |
Type |
AZMSVNetConnectionevents | No | Yes |
Virtual network logs are generated only if the namespace allows access from selected networks or from specific IP addresses (IP filter rules). If you don't want to restrict the access to your namespace using these features and still want to get virtual network logs to track IP addresses of clients connecting to the Event Hubs namespace, you could use the following workaround. Enable IP filtering, and add the total addressable IPv4 range (0.0.0.0/1 - 128.0.0.0/1) and IPv6 range (::/1 - 8000::/1). Event Hubs IP filtering doesn't support IPv6 ranges. You might see private endpoint addresses in the IPv6 format in the log.
Example
AzureDiagnostics:
{
"SubscriptionId": "0000000-0000-0000-0000-000000000000",
"NamespaceName": "namespace-name",
"IPAddress": "1.2.3.4",
"Action": "Deny Connection",
"Reason": "IPAddress doesn't belong to a subnet with Service Endpoint enabled.",
"Count": "65",
"ResourceId": "/subscriptions/0000000-0000-0000-0000-000000000000/resourcegroups/testrg/providers/microsoft.eventhub/namespaces/namespace-name",
"Category": "EventHubVNetConnectionEvent"
}
Resource specific table entry:
{
"SubscriptionId": "0000000-0000-0000-0000-000000000000",
"NamespaceName": "namespace-name",
"IPAddress": "1.2.3.4",
"Action": "Deny Connection",
"Message": "IPAddress doesn't belong to a subnet with Service Endpoint enabled.",
"Count": "65",
"ResourceId": "/subscriptions/0000000-0000-0000-0000-000000000000/resourcegroups/testrg/providers/microsoft.eventhub/namespaces/namespace-name",
"Provider": "EVENTHUB",
"Time Generated (UTC) ": "9/28/2022 8:40:06 PM +00:00",
"Type" : "AZMSKafkauserErrorlogs"
}
Customer-managed key user logs schema
Customer-managed key user log JSON includes elements listed in the following table:
| Name | Description | Supported in Azure Diagnostics | Supported in AZMSCustomerManagedKeyUserLogs (Resource specific table) |
|---|---|---|---|
Category |
Type of category for a message. It's one of the following values: error and info. For example, if the key from your key vault is being disabled, then it would be an information category or if a key can't be unwrapped, it could fall under error. | Yes | Yes |
ResourceId |
Internal resource ID, which includes Azure subscription ID and namespace name | Yes | Yes |
KeyVault |
Name of the Key Vault resource | Yes | Yes |
Key |
Name of the Key Vault key that's used to encrypt the Event Hubs namespace. | Yes | Yes |
Version |
Version of the Key Vault key. | Yes | Yes |
Operation |
The operation that's performed on the key in your key vault. For example, disable/enable the key, wrap, or unwrap. | Yes | Yes |
Code |
The code associated with the operation. Example: Error code, 404 means that key wasn't found. | Yes | Yes |
Message |
Message, which provides details about an error or informational message | Yes | Yes |
Time Generated (UTC) |
Timestamp of operation | No | Yes |
Provider |
Name of Service emitting the logs, for example, ServiceBus | No | Yes |
Type |
Type of log emitted | No | Yes |
Here's an example of the log for a customer managed key:
AzureDiagnostics:
{
"TaskName": "CustomerManagedKeyUserLog",
"ActivityId": "11111111-1111-1111-1111-111111111111",
"category": "error"
"resourceId": "/SUBSCRIPTIONS/11111111-1111-1111-1111-11111111111/RESOURCEGROUPS/DEFAULT-EVENTHUB-CENTRALUS/PROVIDERS/MICROSOFT.EVENTHUB/NAMESPACES/FBETTATI-OPERA-EVENTHUB",
"keyVault": "https://mykeyvault.vault-int.azure-int.net",
"key": "mykey",
"version": "1111111111111111111111111111111",
"operation": "wrapKey",
"code": "404",
"message": "Key not found: ehbyok0/111111111111111111111111111111"
}
{
"TaskName": "CustomerManagedKeyUserLog",
"ActivityId": "11111111111111-1111-1111-1111111111111",
"category": "info"
"resourceId": "/SUBSCRIPTIONS/111111111-1111-1111-1111-11111111111/RESOURCEGROUPS/DEFAULT-EVENTHUB-CENTRALUS/PROVIDERS/MICROSOFT.EVENTHUB/NAMESPACES/FBETTATI-OPERA-EVENTHUB",
"keyVault": "https://mykeyvault.vault-int.azure-int.net",
"key": "mykey",
"version": "111111111111111111111111111111",
"operation": "disable | restore",
"code": "",
"message": ""
}
Resource specific table entry:
{
"TaskName": "CustomerManagedKeyUserLog",
"ActivityId": "11111111-1111-1111-1111-111111111111",
"category": "error"
"resourceId": "/SUBSCRIPTIONS/11111111-1111-1111-1111-11111111111/RESOURCEGROUPS/DEFAULT-EVENTHUB-CENTRALUS/PROVIDERS/MICROSOFT.EVENTHUB/NAMESPACES/FBETTATI-OPERA-EVENTHUB",
"keyVault": "https://mykeyvault.vault-int.azure-int.net",
"key": "mykey",
"version": "1111111111111111111111111111111",
"operation": "wrapKey",
"code": "404",
"message": "Key not found: ehbyok0/111111111111111111111111111111",
"Provider": "EVENTHUB",
"Time Generated (UTC) ": "9/28/2022 8:40:06 PM +00:00",
"Type" : "AZMSCustomerManagedKeyUserLogs"
}
{
"TaskName": "CustomerManagedKeyUserLog",
"ActivityId": "11111111111111-1111-1111-1111111111111",
"category": "info"
"resourceId": "/SUBSCRIPTIONS/111111111-1111-1111-1111-11111111111/RESOURCEGROUPS/DEFAULT-EVENTHUB-CENTRALUS/PROVIDERS/MICROSOFT.EVENTHUB/NAMESPACES/FBETTATI-OPERA-EVENTHUB",
"keyVault": "https://mykeyvault.vault-int.azure-int.net",
"key": "mykey",
"version": "111111111111111111111111111111",
"operation": "disable | restore",
"code": "",
"message": "",
"Provider": "EVENTHUB",
"Time Generated (UTC) ": "9/28/2022 8:40:06 PM +00:00",
"Type" : "AZMSCustomerManagedKeyUserLogs"
}
Following are the common errors codes to look for when BYOK encryption is enabled.
| Action | Error code | Resulting state of data |
|---|---|---|
| Remove wrap/unwrap permission from a key vault | 403 | Inaccessible |
| Remove Microsoft Entra ID role membership from a Microsoft Entra principal that granted the wrap/unwrap permission | 403 | Inaccessible |
| Delete an encryption key from the key vault | 404 | Inaccessible |
| Delete the key vault | 404 | Inaccessible (assumes soft-delete is enabled, which is a required setting.) |
| Changing the expiration period on the encryption key such that it's already expired | 403 | Inaccessible |
| Changing the NBF (not before) such that key encryption key isn't active | 403 | Inaccessible |
| Selecting the Allow MSFT Services option for the key vault firewall or otherwise blocking network access to the key vault that has the encryption key | 403 | Inaccessible |
| Moving the key vault to a different tenant | 404 | Inaccessible |
| Intermittent network issue or DNS/AAD/MSI outage | Accessible using cached data encryption key |
Runtime audit logs
Runtime audit logs capture aggregated diagnostic information for all data plane access operations (such as send or receive events) in Event Hubs.
Note
Runtime audit logs are available only in premium and dedicated tiers.
Runtime audit logs include the elements listed in the following table:
| Name | Description | Supported in Azure Diagnostics | Supported in Resource Specific table |
|---|---|---|---|
ActivityId |
A randomly generated UUID that ensures uniqueness for the audit activity. | Yes | Yes |
ActivityName |
Runtime operation name. | Yes | Yes |
ResourceId |
Resource associated with the activity. | Yes | Yes |
Timestamp |
Aggregation time. | Yes | No |
TimeGenerated [UTC] |
Time of executed operation (in UTC) | No | Yes |
Status |
Status of the activity (success or failure). | Yes | Yes |
Protocol |
Type of the protocol associated with the operation. | Yes | Yes |
AuthType |
Type of authentication (Microsoft Entra ID or SAS Policy). | Yes | Yes |
AuthKey |
Microsoft Entra ID application ID or SAS policy name that's used to authenticate to a resource. | Yes | Yes |
NetworkType |
Type of the network access: Public or Private. |
Yes | Yes |
ClientIP |
IP address of the client application. | Yes | Yes |
Count |
Total number of operations performed during the aggregated period of 1 minute. | Yes | Yes |
Properties |
Metadata that are specific to the data plane operation. | Yes | Yes |
Category |
Log category | Yes | No |
Provider |
Name of Service emitting the logs, such as EventHubs | No | Yes |
Type |
Type of logs emitted | No | Yes |
Here's an example of a runtime audit log entry:
AzureDiagnostics:
{
"ActivityId": "<activity id>",
"ActivityName": "ConnectionOpen | Authorization | SendMessage | ReceiveMessage",
"ResourceId": "/SUBSCRIPTIONS/xxx/RESOURCEGROUPS/<Resource Group Name>/PROVIDERS/MICROSOFT.EVENTHUB/NAMESPACES/<Event Hubs namespace>/eventhubs/<event hub name>",
"Time": "1/1/2021 8:40:06 PM +00:00",
"Status": "Success | Failure",
"Protocol": "AMQP | KAFKA | HTTP | Web Sockets",
"AuthType": "SAS | Azure Active Directory",
"AuthId": "<AAD application name | SAS policy name>",
"NetworkType": "Public | Private",
"ClientIp": "x.x.x.x",
"Count": 1,
"Category": "RuntimeAuditLogs"
}
Resource specific table entry:
{
"ActivityId": "<activity id>",
"ActivityName": "ConnectionOpen | Authorization | SendMessage | ReceiveMessage",
"ResourceId": "/SUBSCRIPTIONS/xxx/RESOURCEGROUPS/<Resource Group Name>/PROVIDERS/MICROSOFT.EVENTHUB/NAMESPACES/<Event Hubs namespace>/eventhubs/<event hub name>",
"TimeGenerated (UTC)": "1/1/2021 8:40:06 PM +00:00",
"Status": "Success | Failure",
"Protocol": "AMQP | KAFKA | HTTP | Web Sockets",
"AuthType": "SAS | Azure Active Directory",
"AuthId": "<AAD application name | SAS policy name>",
"NetworkType": "Public | Private",
"ClientIp": "x.x.x.x",
"Count": 1,
"Type": "AZMSRuntimeAUditLogs",
"Provider":"EVENTHUB"
}
Application metrics logs
Application metrics logs capture the aggregated information on certain metrics related to data plane operations. The captured information includes the following runtime metrics.
Note
Application metrics logs are available only in premium and dedicated tiers.
| Name | Description |
|---|---|
ConsumerLag |
Indicate the lag between consumers and producers. |
NamespaceActiveConnections |
Details of active connections established from a client to the event hub. |
GetRuntimeInfo |
Obtain run time information from Event Hubs. |
GetPartitionRuntimeInfo |
Obtain the approximate runtime information for a logical partition of an event hub. |
IncomingMessages |
Details of number of messages published to Event Hubs. |
IncomingBytes |
Details of Publisher throughput sent to Event Hubs |
OutgoingMessages |
Details of number of messages consumed from Event Hubs. |
OutgoingBytes |
Details of Consumer throughput from Event Hubs. |
OffsetCommit |
Number of offset commit calls made to the event hub |
OffsetFetch |
Number of offset fetch calls made to the event hub. |
Diagnostic Error Logs
Diagnostic error logs capture error messages for any client side, throttling, and Quota exceeded errors. They provide detailed diagnostics for error identification.
Diagnostic Error Logs include elements listed in following table:
| Name | Description | Supported in Azure Diagnostics | Supported in AZMSDiagnosticErrorLogs (Resource specific table) |
|---|---|---|---|
ActivityId |
A randomly generated UUID that ensures uniqueness for the audit activity. | Yes | Yes |
ActivityName |
Operation name | Yes | Yes |
NamespaceName |
Name of Namespace | Yes | yes |
EntityType |
Type of Entity | Yes | Yes |
EntityName |
Name of Entity | Yes | Yes |
OperationResult |
Type of error in Operation (clienterror or serverbusy or quotaexceeded) |
Yes | Yes |
ErrorCount |
Count of identical errors during the aggregation period of 1 minute. | Yes | Yes |
ErrorMessage |
Detailed Error Message | Yes | Yes |
ResourceProvider |
Name of Service emitting the logs. Possible values: Microsoft.EventHub and Microsoft.ServiceBus |
Yes | Yes |
Time Generated (UTC) |
Operation time | No | Yes |
EventTimestamp |
Operation Time | Yes | No |
Category |
Log category | Yes | No |
Type |
Type of Logs emitted | No | Yes |
Here's an example of Diagnostic error log entry:
{
"ActivityId": "0000000000-0000-0000-0000-00000000000000",
"SubscriptionId": "<Azure Subscription Id",
"NamespaceName": "Name of Event Hubs Namespace",
"EntityType": "EventHub",
"EntityName": "Name of Event Hub",
"ActivityName": "SendMessage",
"ResourceId": "/SUBSCRIPTIONS/xxx/RESOURCEGROUPS/<Resource Group Name>/PROVIDERS/MICROSOFT.EVENTHUB/NAMESPACES/<Event hub namespace name>",,
"OperationResult": "ServerBusy",
"ErrorCount": 1,
"EventTimestamp": "3/27/2024 1:02:29.126 PM +00:00",
"ErrorMessage": "the request was terminated because the entity is being throttled by the application group with application group name <application group name> and policy name <throttling policy name>.error code: 50013.",
"category": "DiagnosticErrorLogs"
}
Resource specific table entry:
{
"ActivityId": "0000000000-0000-0000-0000-00000000000000",
"NamespaceName": "Name of Event Hubs Namespace",
"EntityType": "Event Hub",
"EntityName": "Name of Event Hub",
"ActivityName": "SendMessage",
"ResourceId": "/SUBSCRIPTIONS/xxx/RESOURCEGROUPS/<Resource Group Name>/PROVIDERS/MICROSOFT.EVENTHUB/NAMESPACES/<Event hub namespace name>",,
"OperationResult": "ServerBusy",
"ErrorCount": 1,
"TimeGenerated [UTC]": "1/27/2024 4:02:29.126 PM +00:00",
"ErrorMessage": "The request was terminated because the entity is being throttled by the application group with application group name <application group name> and policy name <throttling policy name>.error code: 50013.",
"Type": "AZMSDiagnosticErrorLogs"
}
Activity log
The linked table lists the operations that can be recorded in the activity log for this service. These operations are a subset of all the possible resource provider operations in the activity log.
For more information on the schema of activity log entries, see Activity Log schema.
Related content
- See Monitor Azure Event Hubs for a description of monitoring Event Hubs.
- See Monitor Azure resources with Azure Monitor for details on monitoring Azure resources.