Errors observed in the JumpCloud Function App #11695

Open
JustineTheHacker opened this issue Jan 21, 2025 · 9 comments

@JustineTheHacker

Hi Team,

We've recently used the JumpCloud data connector available in this repository. Logs are now flowing in to Microsoft Sentinel. However, we're seeing 2 errors in the log stream. See below:

Error 1:
2025-01-08T13:10:20Z [Warning] Error response [ea143ec5-5517-4b81-91df-563cdbbe1b0f] 409 The specified container already exists. (00.0s) Server:Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id:f8127057-d01e-0011-7fce-612bae000000 x-ms-client-request-id:ea143ec5-5517-4b81-91df-563cdbbe1b0f x-ms-version:2023-11-03 x-ms-error-code:ContainerAlreadyExists Date:Wed, 08 Jan 2025 13:10:19 GMT Content-Length:230 Content-Type:application/xml

Error 2:
2025-01-21T11:35:07Z [Error] ERROR: Cannot find an overload for "ToString" and the argument count: "1". Exception : Type : System.Management.Automation.MethodException ErrorRecord : Exception : Type : System.Management.Automation.ParentContainsErrorRecordException Message : Cannot find an overload for "ToString" and the argument count: "1". HResult : -2146233087 CategoryInfo : NotSpecified: (:) [], ParentContainsErrorRecordException FullyQualifiedErrorId : MethodCountCouldNotFindBest InvocationInfo : ScriptLineNumber : 136 OffsetInLine : 9 HistoryId : 1 ScriptName : C:\home\site\wwwroot\JCQueueTrigger1\run.ps1 Line : $LastRecordTimestamp = $LastRecordTimeStamp.ToString('yyyy-MM-ddThh:mm:ssZ') Statement : $LastRecordTimestamp = $LastRecordTimeStamp.ToString('yyyy-MM-ddThh:mm:ssZ') PositionMessage : At C:\home\site\wwwroot\JCQueueTrigger1\run.ps1:136 char:9 + $LastRecordTimestamp = $LastRecordTimeStamp.ToString('yyyy-MM … + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ PSScriptRoot : C:\home\site\wwwroot\JCQueueTrigger1 PSCommandPath : C:\home\site\wwwroot\JCQueueTrigger1\run.ps1 CommandOrigin : Internal ScriptStackTrace : at , C:\home\site\wwwroot\JCQueueTrigger1\run.ps1: line 136 TargetSite : System.Object CallSite.Target(System.Runtime.CompilerServices.Closure, System.Runtime.CompilerServices.CallSite, System.Object, System.String) Message : Cannot find an overload for "ToString" and the argument count: "1". 
Source : Anonymously Hosted DynamicMethods Assembly HResult : -2146233087 StackTrace : at CallSite.Target(Closure, CallSite, Object, String) at System.Dynamic.UpdateDelegates.UpdateAndExecute2[T0,T1,TRet](CallSite site, T0 arg0, T1 arg1) at CallSite.Target(Closure, CallSite, Object, String) at (Closure, FunctionContext) CategoryInfo : NotSpecified: (:) [], MethodException FullyQualifiedErrorId : MethodCountCouldNotFindBest InvocationInfo : ScriptLineNumber : 136 OffsetInLine : 9 HistoryId : 1 ScriptName : C:\home\site\wwwroot\JCQueueTrigger1\run.ps1 Line : $LastRecordTimestamp = $LastRecordTimeStamp.ToString('yyyy-MM-ddThh:mm:ssZ') Statement : $LastRecordTimestamp = $LastRecordTimeStamp.ToString('yyyy-MM-ddThh:mm:ssZ') PositionMessage : At C:\home\site\wwwroot\JCQueueTrigger1\run.ps1:136 char:9 + $LastRecordTimestamp = $LastRecordTimeStamp.ToString('yyyy-MM … + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ PSScriptRoot : C:\home\site\wwwroot\JCQueueTrigger1 PSCommandPath : C:\home\site\wwwroot\JCQueueTrigger1\run.ps1 CommandOrigin : Internal ScriptStackTrace : at , C:\home\site\wwwroot\JCQueueTrigger1\run.ps1: line 136
2025-01-21T11:35:07Z [Error] ERROR: Cannot find an overload for "ToString" and the argument count: "1". Exception : Type : System.Management.Automation.MethodException ErrorRecord : Exception : Type : System.Management.Automation.ParentContainsErrorRecordException Message : Cannot find an overload for "ToString" and the argument count: "1". HResult : -2146233087 CategoryInfo : NotSpecified: (:) [], ParentContainsErrorRecordException FullyQualifiedErrorId : MethodCountCouldNotFindBest InvocationInfo : ScriptLineNumber : 136 OffsetInLine : 9 HistoryId : 1 ScriptName : C:\home\site\wwwroot\JCQueueTrigger1\run.ps1 Line : $LastRecordTimestamp = $LastRecordTimeStamp.ToString('yyyy-MM-ddThh:mm:ssZ') Statement : $LastRecordTimestamp = $LastRecordTimeStamp.ToString('yyyy-MM-ddThh:mm:ssZ') PositionMessage : At C:\home\site\wwwroot\JCQueueTrigger1\run.ps1:136 char:9 + $LastRecordTimestamp = $LastRecordTimeStamp.ToString('yyyy-MM … + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ PSScriptRoot : C:\home\site\wwwroot\JCQueueTrigger1 PSCommandPath : C:\home\site\wwwroot\JCQueueTrigger1\run.ps1 CommandOrigin : Internal ScriptStackTrace : at , C:\home\site\wwwroot\JCQueueTrigger1\run.ps1: line 136 TargetSite : System.Object CallSite.Target(System.Runtime.CompilerServices.Closure, System.Runtime.CompilerServices.CallSite, System.Object, System.String) Message : Cannot find an overload for "ToString" and the argument count: "1". 
Source : Anonymously Hosted DynamicMethods Assembly HResult : -2146233087 StackTrace : at CallSite.Target(Closure, CallSite, Object, String) at (Closure, FunctionContext) CategoryInfo : NotSpecified: (:) [], MethodException FullyQualifiedErrorId : MethodCountCouldNotFindBest InvocationInfo : ScriptLineNumber : 136 OffsetInLine : 9 HistoryId : 1 ScriptName : C:\home\site\wwwroot\JCQueueTrigger1\run.ps1 Line : $LastRecordTimestamp = $LastRecordTimeStamp.ToString('yyyy-MM-ddThh:mm:ssZ') Statement : $LastRecordTimestamp = $LastRecordTimeStamp.ToString('yyyy-MM-ddThh:mm:ssZ') PositionMessage : At C:\home\site\wwwroot\JCQueueTrigger1\run.ps1:136 char:9 + $LastRecordTimestamp = $LastRecordTimeStamp.ToString('yyyy-MM … + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ PSScriptRoot : C:\home\site\wwwroot\JCQueueTrigger1 PSCommandPath : C:\home\site\wwwroot\JCQueueTrigger1\run.ps1 CommandOrigin : Internal ScriptStackTrace : at , C:\home\site\wwwroot\JCQueueTrigger1\run.ps1: line 136

We've already updated the runtime and the PowerShell Core version to ~4 and 7.4 respectively, based on the recommendation from this link -- #11535

To Reproduce

  1. Go to 'Log Streams' in the Function App and monitor for a few minutes for the errors to appear.

Expected behavior
I am expecting to not see any errors within the log streams and the functions.

Screenshots

Additionally, is it possible to set the logging level of the function app triggers? We're getting a high number of logs into the AppTraces table -- as I understand it, it's possible to edit the host.json file to add a line to specify the logging level (https://learn.microsoft.com/en-us/azure/azure-functions/configure-monitoring?tabs=v2)

Hoping for your kind response, thank you!

v-sudkharat self-assigned this Jan 22, 2025
v-sudkharat added the Connector (Connector specialty review needed) label Jan 22, 2025
@v-sudkharat
Contributor

Hi @JustineTheHacker, thanks for flagging this issue. We will investigate this issue and get back to you with some updates. Thanks!

@v-sudkharat
Contributor

Hi @JustineTheHacker,
Based on the error message you've shared, it appears that the value for $LastRecordTimestamp might not be consistent or is not in the correct format. Updated the script to handle this.
Could you please test the updated script in your Testing environment and let us know if the error still appears in the log stream? Unfortunately, we don't have the log flow in our environment, so your testing would be greatly appreciated.

Below is the updated zip link:
https://github.com/Azure/Azure-Sentinel/raw/8334b2101266782ae75b6f910a7b2deeb58d7d29/DataConnectors/JumpCloud%20Single%20Sign%20On/AzureFunctionJumpCloud/JumpCloudSSO.zip

Go to your function app, and update the above link in WEBSITE_RUN_FROM_PACKAGE:

Image

We have tested with available data and did not get any error in the Log Stream:

Image

Thanks!
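
A defensive version of the formatting step that fails at run.ps1 line 136, as an added PowerShell example that is not part of the thread and is not the code in the updated zip. ConvertTo-CheckpointString and the sample values are hypothetical; the helper accepts an array, a string or a date value, and it writes the 24-hour HH specifier because the hh in the logged format string is the 12-hour clock, which makes a stored checkpoint ambiguous between morning and afternoon.

```powershell
# Added illustration. ConvertTo-CheckpointString is a hypothetical helper,
# not a function from the connector's run.ps1.
function ConvertTo-CheckpointString {
    param([object]$Value)

    # Object[] has no one-argument ToString overload, so formatting an array
    # raises the MethodException shown in the log stream.
    if ($Value -is [System.Array]) {
        if ($Value.Count -eq 0) { throw 'Empty timestamp list; keep the previous checkpoint.' }
        $Value = $Value[-1]   # assumption: records arrive oldest first
    }
    if ($null -eq $Value) { throw 'Null timestamp; keep the previous checkpoint.' }

    $invariant = [System.Globalization.CultureInfo]::InvariantCulture
    if ($Value -is [datetimeoffset]) {
        $utc = $Value.UtcDateTime
    }
    elseif ($Value -is [datetime]) {
        # Kind=Unspecified is treated as local time by ToUniversalTime().
        $utc = $Value.ToUniversalTime()
    }
    else {
        # Anything else is parsed as text and normalised to UTC.
        $styles = [System.Globalization.DateTimeStyles]::AssumeUniversal -bor
                  [System.Globalization.DateTimeStyles]::AdjustToUniversal
        $utc = [datetime]::Parse([string]$Value, $invariant, $styles)
    }

    # HH is the 24-hour clock. With hh, 13:35:07 is written as 01:35:07.
    $utc.ToString('yyyy-MM-ddTHH:mm:ssZ', $invariant)
}

# Constructed sample inputs, not values from the issue.
$afternoon = [datetime]::new(2025, 1, 21, 13, 35, 7, [System.DateTimeKind]::Utc)
ConvertTo-CheckpointString $afternoon
ConvertTo-CheckpointString @('2025-01-21T11:00:00Z', $afternoon)
ConvertTo-CheckpointString '2025-01-21T13:35:07.123Z'
```

Throwing on an empty or null value lets the caller leave the previous checkpoint in place instead of overwriting it with an unusable one.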

@v-sudkharat
Contributor

@JustineTheHacker, waiting for your response on the above comment. Thanks!

@JustineTheHacker
Author

Hi @v-sudkharat ,

We have now tested this -- however, we've seen a drastic reduction in the logs being fed to Sentinel (which is strangely unusual).

@v-sudkharat
Contributor

@JustineTheHacker, thank you for the response. We will check the connector behavior with the connector author.
In the meantime, could you please share the logs with us:
a. Before updating the function app zip.
b. After updating function app zip.
It will help us analyze the received logs of different scenarios.
Email ID - [email protected]

If you have already tested it in your production function app and not in a lab test environment, we request that you please update the website run from package link to the old one, as this will help ensure no logs are missed.
Old link - https://aka.ms/sentinel-Jumpcloud-functionapp

If you are still testing in a lab environment, we recommend keeping the change in place and allowing more time to see if it reduces the logs. Additionally, please check whether you are encountering the same error in the log stream as seen in the preview.

Additionally, we would also like to request that you verify the logs in the JumpCloud console to ensure that the logs being received in Sentinel are the same.

Thanks!

@v-sudkharat
Contributor

@JustineTheHacker, could you please verify and let us know whether, in the deployment of the new function app in which the logs are reduced, the value for the JumpCloud Event Types is the same as it was previously?

Image

A change in the event type value may also be the reason for it.

@JustineTheHacker
Author

Hi @v-sudkharat,

I presume it still is. We didn't change anything aside from the WEBSITE_RUN_FROM_PACKAGE link. Unfortunately, we won't be able to provide any logs from our end for confidentiality purposes. Would it be better to delete the old function app, and redeploy a new one using the new package you provided?

Kind Regards

@JustineTheHacker
Author

Hi @v-sudkharat ,

I have checked the event types and we're still getting the same event types (though at a much lower rate).

Kind Regards

@v-sudkharat
Contributor

Hi @JustineTheHacker, instead of deleting the function app, we recommend simply restarting the function app after updating the WEBSITE_RUN_FROM_PACKAGE link.

Answering your question - "we've seen a drastic reduction in the logs being fed to Sentinel (which is strangely unusual)":

We tested the concern you shared with two different scenarios, deploying two function apps in different environments to verify if there’s any reduction in logs after updating the function app.

In our JumpCloud console we have a total event count of 26 logs:

Image

  1. Function App Deployment in Workspace 1 (No Changes):

    • We deployed the function app in our workspace without making any changes:
      Image

    a. After deployment, we monitored the Log Stream for errors but observed no errors, except for a warning message related to the storage account:
    Image

    b. In Sentinel workspace, we checked the log results:
    Image

    Image

  2. Function App Deployment in Workspace 2 (With WebsiteRunFromPackage Link Change):

    • We deployed the function app in Workspace 2 after changing the WebsiteRunFromPackage link:
      Image

    a. After deployment, we again monitored the Log Stream for errors and saw no errors except for the storage account warning:
    Image

    b. In Sentinel workspace, we checked the log results:
    Image

    Image

In both workspaces, we observed no reduction in the log count. The logs remained consistent.

Thanks!
