Hi,
I’m having some issues with the Azure Monitoring.
First, the manual in CheckMK isn’t correct. It’s old and outdated.
In Azure they don’t speak of just a value but also of a secret ID. But both doesn’t work.
It always worked in 1.6p but since we moved to 2.0 it broke.
I’m testing it in the latest version of CheckMK but still it doesn’t work. It keeps saying “invalid client” / “invalid client secret is provided” but i’m 100% sure that it’s all correct.
Only that SecretID/Value is something i’m not 100% sure. I know that the values are correct and i’ve tried them in different orders (first SecretID/Value and viceversa) only secretID, only value. But nothing works.
I hope someone can help me with this and to update manuals in CheckMK docs because a lot is still created for 1.6 and it’s really different compared to v2.0.
Tried it again. Deleted the key, created a new one (for the fifth time) and now it’s saying: Graph client: Insufficient privileges to complete the operation.CRIT, Management client: {“error”:“invalid_client”,“error_description”:"AADSTS7000215: Invalid client secret is provided.
But i followed the manual, so i don’t know what i’ve missed.
Before that i only had the invalid client part. And i had an ok on the checkmk parameter.
Now i have two CRITs.
Error message changed:
Now i’m making too many request. The insufficient privileges is still there, but the invalid client is changed in too many request.
Still have enough API requests left, according to the error message.
So how can i fix this issue?
It keeps getting issues. One resolved (i think) next one pops up.
I’ve checked on the cli if the piggy_orphans are there (share/doc/check_mk/treasures/find_piggy_orphans)
And they are. So there is some kind of connection but it’s not working. I keep getting those CRIT notifications. Lost connections, too much request etc. And no info or three OK’s.
I was having the same issues.
I followed this article: Monitoring Microsoft Azure (checkmk.com) but I can confirm it’s both outdated and wrong.
First: the “username” is not the app Secret-ID, but it is the Client-ID (it would help if the docs used the SAME guid identifier so that we could just infer from that).
Second, I had to go to API permissions and assign User.Read.All (type Application, not Delegated) and give admin consent to it.
This resolved the critical errors on “Azure Agent Info” service check.
I am still trying to understand if I can further reduce the permissions… anyone on this ?
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.