- 0 minutes to read

Prerequisites for the Nodinite Azure Logic Apps Logging and Monitoring Agent

Info

This page describes the prerequisites to successfully install and run the Nodinite Azure Logic Apps Log and Monitoring Agent and you will enjoy a plug-and-play experience for Logic Apps Monitoring and Logic Apps Logging.

Before you dig in and enable the built-in Azure Logic Apps tracking feature, please read the About Logic Apps Logging options user guide first.

Monitoring

The Nodinite Azure Logic Apps Log and Monitoring Agent features Azure Monitoring without the need for many costly (consultancy hours) time-consuming hands-on tweaks featured in the Azure portal.

The Nodinite Azure Logic Apps Log and Monitoring Agent often replace Azure Monitoring!

graph LR subgraph "Nodinite Instance" roNI(fal:fa-monitor-waveform Azure Logic Apps
Logging and Monitoring Agent) end subgraph "Azure Cloud / Subscriptions" roAzureAPI(fal:fa-cloud Microsoft Azure API)---roLA(fal:fa-clouds Your Logic Apps) roNI --> |REST| roAzureAPI end

Logging and/or failed runs Monitoring

To enable Logging and the Monitoring of failed runs from Workflows, the Agent makes use of the following Azure services:

  • Enable Logging in Workflows
  • An Azure Event Hub (target for diagnostics Logging).
    • You can use one or more Event Hub entities as the target.
  • A storage container to keep track of the current checkpoint.
    • Each Event Hub Entity must have its unique container to store the bookmark (checkpoint).

Important

You must have one unique storage container per Event Hub entity! Otherwise, you will overwrite the checkpoint, thus preventing the operational Logging feature.

graph TD subgraph "Azure Cloud / Subscriptions" storage(fa:fa-boxes Storage Container) A[fal:fa-clouds Logic App
with diagnostic setting] --> |Diagnostics data| B(fa:fa-list Azure Event Hub) end subgraph "Nodinite Instance" B --- C[fal:fa-monitor-waveform Azure Logic Apps
Logging and Monitoring Agent] C--- db(fa:fa-database Agent Database) C --> |Log Event| F[fa:fa-cloud-download Nodinite's Log API] C --- |Checkpoint| storage end
  • The Agent makes use of a mandatory SQL Server Agent Database. This database boosts performance and provides long-term statistics. Every instance of the Agent requires its unique database.

You can install instances of this Agent on-premise using TCP/IP for local network access and/or in the cloud/off-site using Service Bus Relaying (see also the external link for additional information MicrosoftServiceBusRelayingLink) as long as the Agent can access the Nodinite Log API.

We recommend that you keep this Agent close to the Nodinite Core Services. This documentation covers a local network setup (usually on the Nodinite application server).

Verified Topic
Software Requirements
What Azure User rights does the Azure Logic Apps Logging and Monitoring Agent require?
What Windows User Rights does the Azure Logic Apps Logging and Monitoring Agent require?
What Firewall settings are required for the Azure Logic Apps Logging and Monitoring Agent?

Software Requirements

The Nodinite Azure Logic Apps Log and Monitoring Agent is a Windows Service you usually install on the Nodinite application server.

Product
Windows Server Windows 2022
Windows 2019
Windows 2016
Windows 2012 R2
Windows 2012
.NET Framework
  • 6.1.x.NET 8.0New 6.1 Install .NET Runtime 8.0.x AND ASP.NET Core Runtime 8.0.x (Hosting bundle)
  • 6.0.x .NET 7.0 Install .NET Runtime 7.0.x AND ASP.NET Core Runtime 7.0.x
  • < 6.x .NET Framework 4.7.2 or later - Our recommendation is .NET Framework 4.8
DACFX Download You must use 16.1 or later

Important

This agent is updated timely to comply with the Microsoft support policy. You must regularly patch your .NET and .NET Core environments, please review the NET and .NET Core Support Policy

Supported Versions

Cloud technologies are evolving fast, and Microsoft deprecates older versions of their APIs now and then. Nodinite will always support the APIs supported by Microsoft. This means you need to update Nodinite and our Azure Logic Apps Log and Monitoring Agent from time to time.

Make sure to subscribe to our Release Notes.

What Azure User rights do the Azure Logic Apps Logging and Monitoring Agent require?

  • The Agent uses the Azure REST API to read logged events with tracked properties and can modify the state of your logic apps. Therefore the Agent needs access rights. Carefully read and follow the instructions detailed in the Azure Applications Access user guide.

  • Azure REST API access (contributor)

    • Apply to the Resource groups to be included in Logging and Monitoring where you have your Logic Apps
  • Event Hub

    • Event Hub Connection string
  • Storage

    • Storage connection string

Enable Logic Apps Logging in Azure

To enable Logging to Nodinite from your Logic Apps, you must enable and configure some features in the Azure portal. You can always script, and use ARM Templates to create the necessary services and apply the proper settings. The Nodinite Azure Logic Apps Log and Monitoring Agent requires information about these configurations.

The following Azure services and settings are required to enable Logging to Nodinite from Azure Logic Apps:

  • Configure each Logic Apps Diagnostic setting with the 'Workflowruntime' Logging option (Standard and Consumption)

    Please review the ARM Template user guide for an example to use with your build and deployment process.

  • Storage account - Stores the checkpoint (offset position in the Event Hub stream). You must use one unique configuration per event hub entity.

    The Event Hub "only" supports client-side checkpointing.

  • Event Hub entity - Match according to the diagnostics settings in Azure. The Agent can tap many event hubs simultaneously. This means that you can consider the geo-redundancy, the number of partitions to use, and the retention.

Event Hub Entity

The Azure Event Hub entity is used as the target for Logging when the diagnostics logging for a Logic App is enabled.

Note

The different diagnostic settings can target a single or multiple Event Hubs. You must match these different settings with the configuration within the Nodinite Azure Logic Apps Log and Monitoring Agent.

  • Use one or more dedicated event hubs entities for the Logic Apps Logging. This is set in the Azure diagnostic settings.

Important

If you use diagnostic Logging also for other Azure resources like API Management Services, then you must provide a different set of Event Hub Entities (names) for the different type of Azure resources

  • You can use multiple Event Hubs for different diagnostic settings
  • Access Control (Shared Access Policy)
  • Use at least 2 partitions, see note below:

    Important

    For high volume solutions (>2.000.000 events per day), you might need to [re]-create the Event Hub with 4 (or even more partitions).

  • Try to keep the number of Event Hub entities as small as possible

    You can re-use the same Event Hub entity from many diagnostic settings set on the Azure Logic Apps.

  • You must use an Event Hub in the same region as your Logic Apps.

Azure Event Hub Entity
Here's an example of an Azure Event Hub entity in use to enable the Azure Logic Apps Logging feature.

Event Hub Details
Details about the Azure Event Hub entity.

Data is updated regularly on the Event Hub.
Event Hub Properties

Additional comments about the Event Hub

The target for Logging from the Azure Logic App is an Event Hub entity. These named Event Hubs entities MUST be unique for Logging from Azure Logic Apps.

graph LR subgraph "Integration solution" C[Azure Function
with Serilog Logging] --- C1(Serilog Event Hub Sink) A[Azure API Management Service API
with Policy] --- A1(Policy) B[Azure Logic App
with the diagnostic setting] end subgraph "Event Hub" A1-->|1. Nodinite JSON Log Event| AA(EH1) C1-->|1. Nodinite JSON Log Event| AA C1 -.- CC(EH2) B-->|2. Azure Diagnostics log| BB(EH3) end
  1. Logging from Azure functions can share the same Eventy Hub if the content logged is a Nodinite JSON Log Event.
  2. Since the content is in a different format; the Logging from Azure Logic Apps requires one or more OTHER event hubs as the target.

Using a shared Event Hub for a Nodinite JSON Log Event has the advantage of less administration (i.e. you must configure the Nodinite Pickup Log Events Service Logging Agent to fetch these events)
The disadvantage with a shared event hub entity can be performance-related, or other factors to consider like pricing (Logging from multiple regions), scalability, retention settings, number of partitions, ...

Tip

Make sure to use separate event hub entities for different purposes and needs, i.e. multiple Logic App Logging, multiple API Management Services, multiple APIs, and multiple Azure functions, all according to your architecture.

Storage Account

Nodinite uses the storage to persist a bookmark to the position in the event stream. This feature provides reliable Logging. If you stop or restart the Agent, it will resume the event hub stream operation from the last known checkpoint with the offset stored in the storage container.

You need to create (or reuse) an Azure Storage Account.

Azure Storage Account
A Storage Account is required to enable the Nodinite Azure Logic Apps Logging feature.

  • One container, per unique combination of:
    • per Log Agent configuration
      • Subscription
      • Event Hub Entity
  • Access Control (Contributor)

Important

If you have multiple instances and/or multiple Event Hubs entities; Make sure to map the storage container 1:1 with the Event Hub entity. You must not reuse the same storage container name in multiple configurations. If you do so, the checkpoint is read and overwritten yielding lost data and/or duplicates.

  • Region/Location - Place in the same region as your Logic Apps and Resource groups
  • Kind - General-purpose v2 account

Storage Container for the Event Hub checkpoint
Here's an example of a storage container to keep track of the Event Hub checkpoint.

Next, you must get the Connection String the Agent uses to access the Azure Storage Account:
Access Key
Example with details about the Azure Storage container connection.

Properties
Over time, this object should be tiny, and it gets modified regularly.

Logic Apps

Info

Logically, the same type of settings apply for both Standard and Consumption based Logic Apps. The settings apply on either the Workflow (Consumptiom), or the Logic Apps (Standard). The latter thenb applies to all Workflows in that Logic App.

Important

Ensure that only the Workflow runtime checkbox is checked. Otherwise, the Agent is not operational.

  • Diagnostics Setting (Consumption) - Repeat for each Logic App where Logging should be enabled.
    Azure Logic Apps Diagnostic Setting - Consumption
    Here's an example of a Consumption-based Azure Logic App with the essential diagnostic settings to enable the Logging feature for use with Nodinite.

  • Diagnostics Setting (Standard)

    Azure Logic Apps Diagnostic Setting - Standard
    Here's an example of a Standard-based Azure Logic App with the essential diagnostic settings to enable the Logging feature for use with Nodinite.

Tip

Use Powershell scripts to automate this configuration or make it a default setting part of your deployment template.

Next, you must Add the SAS Policy with the connection string Nodinite uses to connect with the Event Hub:
Add SAS Policy
Here's an example of a SAS Policy with Event Hub connection details.

The connection string is available in the Azure portal, copy and paste it to the Nodinite Configuration.

Option Name
Manage
Send
Listen

What Windows User Rights does the Azure Logic Apps Logging and Monitoring Agent require?

The Agent is installed as a Windows Service usually on the Nodinite application server. Virtual machines are supported.

What Firewall settings are required for the Azure Logic Apps Logging and Monitoring Agent?

The Azure Logic Apps Log and Monitoring Agent has both inbound and outbound communication:

  1. Between the Monitoring Service and the Azure Logic Apps Log and Monitoring Agent.
  2. Between the Azure Logic Apps Log and Monitoring Agent and Azure Management API.
  3. Between the Azure Logic Apps Log and Monitoring Agent and Azure Event Hub.
  4. Between the Azure Logic Apps Log and Monitoring Agent and Azure Storage.
  5. Between the Azure Logic Apps Log and Monitoring Agent and the Monitoring Database.
  6. Between the Azure Logic Apps Log and Monitoring Agent and the Log API.
graph LR subgraph "Nodinite Instance" roMonitoringService(fal:fa-watch-fitness Monitoring Service) roNI(fal:fa-monitor-waveform Azure Logic Apps Logging and Monitoring Agent) roMonitoringService --> |8000/443| roNI roLogAPI(fal:fa-cloud-download Log API) end subgraph "Azure Cloud / Subscriptions" roAzureAPI(fal:fa-cloud Microsoft Azure API)---roLA(fal:fa-clouds Your Logic Apps) roNI --> |443| roAzureAPI roNI --> |80,443| roLogAPI end
graph TD subgraph "Azure Cloud / Subscriptions" storage(fa:fa-boxes Storage Container) A[fal:fa-clouds Logic App
with diagnostic setting] --> B(fa:fa-list Azure Event Hub) end subgraph "Nodinite Instance" B --- |80,443,567x.., 935x..| C[fal:fa-monitor-waveform Azure Logic Apps
Logging and Monitoring Agent] C--- |1433, ...|db(fa:fa-database Monitoring Database) C --> |80,443| F[fa:fa-cloud-download Nodinite's Log API] C --- |443| storage end

1. Between the Monitoring Service and the Azure Logic Apps Logging and Monitoring Agent

The following ports must be allowed on the Windows server where the Agent is installed and running:

Port Name Inbound Outbound TCP UDP Comment
53 DNS The Agent needs to know where your other servers/services are (can sometimes optionally be solved using entries in the local hosts file)

And further with 'Option 1' or 'Option 2' as documented next:

Option 1 (Local network)

Port Name Inbound Outbound TCP UDP Comment
8000 RPC Communication is initiated by the Monitoring Service

Option 2 (Cloud/Hybrid)

Use Service Bus Relayed connections when Nodinite and Agent are on totally different networks.

Nodinite uses the same principle technique as the On-Premise data gateway, see 'Adjust communication settings for the on-premises data gateway' user guide.

The following ports must be open for outbound communication with '*.servicebus.windows.net' from both on-premise and off-site (Nodinite Windows Server(s) and where the Agent is installed):

Port Name Inbound Outbound TCP UDP Comment
443 HTTPS Secure outbound traffic
5671, 5672 Secure AMQP
9350 - 9354 Net.TCP

2. Between the Azure Logic Apps Logging and Monitoring Agent and Azure Management API

Port Name Inbound Outbound TCP UDP Comment
443 HTTPS Secure outbound traffic with the Azure REST API. - Safelist the Azure portal URLs on your firewall or proxy server

3. Between the Azure Logics Apps Log and Monitoring Agent and Azure Event Hub

The following ports must be open for outbound communication with '*.servicebus.windows.net' from both on-premise and off-site Windows Servers where Agent is installed:

Port Name Inbound Outbound TCP UDP Comment
443 HTTPS Secure outbound traffic
5671, 5672 Secure AMQP
9350 - 9354 Net.TCP

Troubleshooting guide: https://learn.microsoft.com/en-us/azure/event-hubs/troubleshooting-guide

4. Between the Azure Logics Apps Log and Monitoring Agent and Azure Storage

You must allow communication between the Nodinite Azure Logic Apps Log and Monitoring Agent and your Storage Account. The system Administrator may have one or more rules in place in any of the following locations:

  • Virtual Machine
  • Storage Account
  • Virtual Network

If you have enabled rules, you may need to tune these to allow communication.

graph LR subgraph "Nodinite instance" roNI(fal:fa-monitor-waveform Azure Logic Apps
Logging and Monitoring Agent) end subgraph "Azure Virtual Network" roNI --> |Firewall whitelist| roEH(fal:fa-boxes Azure Storage) end

Troubleshooting guide: Configure Azure Storage firewalls and virtual networks

5. Between the Azure Logics Apps Log and Monitoring Agent and the Monitoring Database

This topic is well covered in the user guide for Monitoring Databases.

6. Between the Azure Logic Apps Logging and Monitoring Agent and the Log API

When Logging is enabled the Nodinite Azure Logic Apps Log and Monitoring Agent requires one of the following outbound TCP ports to be open for access to the Nodinite Log Api (configurable)

Port Name Inbound Outbound TCP UDP Comment
80 HTTP default for HTTP
443 HTTPS default for HTTPS

Tip

If the Azure Logic Apps Log and Monitoring Agent and the Log API are on the same server, you should stick with HTTP for the best performance. The information is managed locally on the server (e.g. Not on the network.).


Frequently asked questions

Additional solutions to common problems and the FAQ for the Nodinite Azure Logic Apps Logging and Monitoring Agent exist in the Troubleshooting user guide.

Next Step

Install the Azure Logic Apps Logging and Monitoring Agent

Add or manage a Monitoring Agent Configuration
Monitoring Agents
Administration
Monitoring Agents