Glad to hear that you were able to resolve your issue @MarcVanderhaegen. Q&A doesn't recognize answers from the original poster. Therefore, to help the broader community, I'm reposting that you were able to resolve issue by adding *.ods.opinsights.azure.com
to your firewall.
Machine onboarded and 'Connected' in Arc but no heartbeat, no Insights
MarcVanderhaegen
241
Reputation points
Hello,
We have installed the Azure Arc agent on a machine.
The status of the machine is 'Connected'.
The installed extensions are AzureMonitorWindowsAgent, ChangeTracking-Windows and MDE-Windows. All the extensions have a status of Succeeded. They are also at the most up to date version.
On the machine if I execute azcmagent check --location westeurope
I get :
INFO Testing connectivity to endpoints that are needed to connect to Azure... This might take a few minutes.
ENDPOINT |REACHABLE |PRIVATE |TLS |PROXY
https://agentserviceapi.guestconfiguration.azure.com |true |unknown |TLS 1.2 |set
https://gbl.his.arc.azure.com |true |unknown |TLS 1.3 |set
https://login.microsoftonline.com |true |unknown |TLS 1.3 |set
https://login.windows.net |true |unknown |TLS 1.3 |set
https://management.azure.com |true |unknown |TLS 1.2 |set
https://pas.windows.net |true |unknown |TLS 1.2 |set
https://westeurope-gas.guestconfiguration.azure.com |true |unknown |TLS 1.2 |set
https://weu.his.arc.azure.com |true |unknown |TLS 1.3 |set
The problems are :
- no heartbeat can be found in the Logs. The sipmlest query 'Heartbeat' returns aa error message "'table' operator: Failed to resolve table expression named 'Heartbeat'"
- no insights data can be found in the Logs. Checking in the portal for that machine Monitoring\Insights, all the performance graphics report 'Error retrieving data'. The table ConfigurationChange doesn't exist.
- Operations\Inventory reports nothing So the machine seems to be well connected but doesn't seem to send data back. The machine has also been onboarded in Microsoft Defender and for that part everything seems OK, the machine is sending back adata, as I can see the list of discovered vulnerabilities, list of logged-on users etc... This is a machine in a restricted network and we have asked the network team to allow the addresses from the MS Docs through the proxy but it seems we could be missing some. We have asked them to verify again and we are waiting for their answer. It is strange that Arc reports the machine as Connected when there is no heartbeat recorded. Does anyone knows what we could be missing and were we could eventualy find an error message on the machine ? Thanks for your help.
Accepted answer
-
Ryan Hill 26,241 Reputation points Microsoft Employee
2024-02-13T16:30:51.6266667+00:00
1 additional answer
Sort by: Most helpful
-
MarcVanderhaegen 241 Reputation points
2024-02-08T06:33:23.64+00:00 Problem solved, one requirement was forgotten in the firewall (*.ods.opinsights.azure.com)