While investigating a user connection issue in an Azure Virtual Desktop environment, I suddenly lost access to logs and diagnostics data stored in a Log Analytics Workspace. Attempting to view the logs in the Azure Portal resulted in the error message: “Failed to retrieve schema. Please try to refresh the page.”
Earlier that day, I cleaned up unused resources (VMs, Host pools, etc.), which made me wonder if this could have corrupted some tables and caused the error. When I checked other Log Analytics Workspaces (e.g Azure Firewall), the same error appeared consistently. At least it is a “bigger” problem 🙃. With no incidents reported on the Azure Status page, I decided to dig deeper. After launching the developer tools in my browser and attempting to access the logs again, I found the first clue: my endpoint could no longer resolve the hostname “api.loganalytics.io” via the configured nameservers.
After a short call with the DNS team, they mentioned they had configured some Azure zone configurations for another department implementing several Azure services over PrivateLink. This seemed to be the root of our issue. Once the zone forwarders for the Azure Monitor service were removed from the nameservers, everything started working again. This included the following zones:
* monitor.azure.com
* oms.opinsights.azure.com
* ods.opinsights.azure.com
* agentsvc.azure-automation.net
* blob.core.windows.net
* services.visualstudio.com
* applicationinsights.azure.com
Here’s another one for the chapter: 0 Days Since It Was DNS. It’s always DNS! 😉