Unable to send logs to Azure Data Explorer

[yilanboy]

I created a new azure_kusto output to send logs directly to Data Explorer for data ingestion:

[SERVICE]
    Daemon off

[INPUT]
    name   udp
    listen 0.0.0.0
    port   12201
    format json
    tag gelf_test

[OUTPUT]
    Match *
    Name azure_kusto
    Tenant_Id my_tenant_id
    Client_Id my_app_registration_client_id
    Client_Secret my_app_registration_secret
    Ingestion_Endpoint https://ingest-testcluster.eastus.kusto.windows.net
    Database_Name log-database
    Table_Name logs
    Ingestion_Mapping_Reference basicmsg

However, I encountered the following error (I run the fluent bit by docker compose)

log-forward-fluent-bit-1  | [2023/03/23 09:59:20] [ warn] [engine] failed to flush chunk '1-1679565555.386903678.flb', retry in 11 seconds: task_id=0, input=udp.0 > output=azure_kusto.0 (out_id=0)
log-forward-fluent-bit-1  | [2023/03/23 09:59:32] [error] [output:azure_kusto:azure_kusto.0] failed to create payload blob uri
log-forward-fluent-bit-1  | [2023/03/23 09:59:32] [error] [output:azure_kusto:azure_kusto.0] cannot perform queued ingestion

I have granted the app registration ingestion permissions to the database, and I was able to successfully ingest data to Data Explorer using the same app registration credential in Logstash output kusto.

What other settings am I missing?

[agup006]

I'm wondering if the ingestion endpoint should be the url without HTTPS and then you add TLS on as part of the configuration

[yilanboy]

Hello Sir

Thank you for your reply

When viewing the Fluent Bit document, the ADX output does not have TLS settings and the endpoint seems to start with HTTPS

I have tried the settings you mentioned here, but still have no luck

[yilanboy]

In version 2.1.1, I can output the logs to ADX now, thanks to the maintenance team! 👍