Share via

Why not all my VMs can connect to same Log Analytics Workspace?

Eric Chen 96 Reputation points
2022-01-20T08:09:24.937+00:00

Dear all,

I have 4 Azure VMs running Windows 2019 datacenter, and building Log Analytics for them.

Log Analytics Workspcae is runing fine with one of those VMs, could get its logs recetrived,
but I noticed just only one VM acctually connected fine, as shown below, it seems only 1 VMs connected to this Log Analytics Workspace.
166687-image.png

But, I checked all of the Log Analytics Agent, known as MMA agent, installed fine, and I can see all 4 VM shown have connnected to this Log Analytics Wrokspace,
from Log Analytics Wrokspace data source panel.
166724-image.png

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
9,032 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Prrudram-MSFT 28,206 Reputation points Moderator
    2022-01-22T13:12:49.953+00:00

    Hello @Anonymous ,

    Thank you for reaching out to Microsoft Q&A platform. Happy to answer your question.

    It appears to be a connectivity issue. If the agent is communicating through a proxy server or firewall, there may be restrictions in place preventing communication from the source computer and the Azure Monitor service. In case communication is blocked, because of misconfiguration, registration with a workspace might have failed while attempting to configure the agent post-setup or the Agent communication may fail after successful registration.

    Recommendations:

    Assuming the other 3 machines have internet connectivity to Log Analytics workspace, attempt to reregister the log analytics agent with workspace using the workspace ID and Key. You can find these ID and Key under agent management blade in log analytics workspace
    167424-image.png
    In case of restricted internet, please make sure, that the firewall or proxy is configured to allow the following ports and URLs described in the following table. Also confirm HTTP inspection is not enabled for web traffic, as it can prevent a secure TLS channel between the agent and Azure Monitor.

    Agent Resource Ports Direction Bypass HTTPS inspection
    *.ods.opinsights.azure.com Port 443 Outbound Yes
    *.oms.opinsights.azure.com Port 443 Outbound Yes
    *.blob.core.windows.net Port 443 Outbound Yes
    *.agentsvc.azure-automation.net Port 443 Outbound Yes

    Reference : agent-windows-troubleshoot

    Verify the agent connectivity to azure monitor, from the computer in Control Panel, find the item Microsoft Monitoring Agent. Select it and on the Azure Log Analytics tab, the agent should display a message stating: The Microsoft Monitoring Agent has successfully connected to the Microsoft Operations Management Suite service.

    167348-image.png

    You could also configure agent health. The Agent Health solution in Azure helps you understand which monitoring agents are unresponsive and submitting operational data. Reference :
    solution-agenthealth

    Please "Accept as Answer" and upvote if this response has helped. so that, it can help others in community looking for remediation for the similar issues

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.