How to troubleshoot 504, 502 , 4xx errors in App Gateway

Question

Hello,

I'm newbie in Azure and have 10 applications hosted in IIS(VMSS Instance),I'm getting frequent 504 error in one of the application, How can I troubleshoot what request and what page is exactly causing the problem .

Note : I configured configured logs using Azure log Analytics but don't know how to use it (suggest me if there is any article)

I see there are multiple options , which of these would help me identify the problem.

1.Diagnose and solve problems.

2. Logs using Azure log Analytics.

3.Backend Health.

4. Health probes.

Answer 1

Hello @Raghava Sai Akula ,

Apologies for the delay in response.

I understand that you would like to know what is the best way to troubleshoot 504, 502 & 4xx errors in Azure Application Gateway.

To start with, you can check the backend health of the Application gateway and see if you are receiving any unhealthy health status and what is the message specified for same in the details section. Then you can refer the below doc to search for that message and troubleshoot according to the cause and resolution listed.

Refer: https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-backend-health-troubleshooting

For 502 errors, you can also refer the below troubleshooting doc:

https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-troubleshooting-502

You can also refer the below doc which list the HTTP response codes that can be returned by Azure Application Gateway. It also provides the common causes & troubleshooting steps for the respective codes to help you determine the root cause.

https://learn.microsoft.com/en-us/azure/application-gateway/http-response-codes

Another way to troubleshoot these errors would be via "Diagnose and solve problems" tab in your Application gateway on Azure portal which lists the most common problems, and you can select "Troubleshoot" under a problem type to run an automated troubleshooter.

I see you've mentioned that you've configured logs using Azure log analytics on the Application gateway. You can check the Application gateway Access logs and filter the 502/504/4xx http status codes to see which host/URL is failing.

Refer: https://learn.microsoft.com/en-us/azure/application-gateway/application-gateway-diagnostics

https://learn.microsoft.com/en-us/azure/azure-monitor/insights/azure-networking-analytics

To use queries in Azure Monitor log analytics, you can refer the below docs:

https://learn.microsoft.com/en-us/azure/azure-monitor/logs/log-analytics-overview

https://learn.microsoft.com/en-us/azure/azure-monitor/logs/queries

So, to access your Application gateway access logs, follow the below steps:

1. Go to the Application gateway resource and under Monitoring, select Diagnostic settings.
2. Click on the configured Log analytics workspace. It will take you to that log analytic workspace resource.
3. Click Logs on the log analytics workspace and select an available query from the query pack by filtering it with Application gateway resource type or write your own query depending upon your requirement and run it to get the logs.

Example query to get all Application gateway access logs with HTTP status code greater than 399:

AzureDiagnostics
| where ResourceType == "APPLICATIONGATEWAYS" and OperationName == "ApplicationGatewayAccess" and httpStatus_d > 399

Kindly let us know if the above helps or you need further assistance on this issue.

---

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.