We're running Application Insights on some of our sites and we want to aggregate logs from the windows event log. We are running on windows server 2016.
I know that other log-shippers like elastic has the possibility to send logs from the windows event log. Is it possible from Application Insights?
Edit 22.10.2018
After #cijothomas's comment I tried adding the EtwCollector nuget package from Microsoft and added a few providers to the config.
<Add ProviderName="Microsoft-Windows-Crashdump" Level="Warning"/>
<Add ProviderName=".NET Common Language Runtime" Level="Warning" />
<Add ProviderName="ASP.NET Events" Level="Warning" />
<Add ProviderName="Microsoft-Windows-IIS-IISReset" Level="Warning" />
<Add ProviderName="Microsoft-Windows-HttpLog" Level="Warning" />
In Application Insights, I now get a trace from the application.
AI: Failed to enable provider for the EtwTelemetryModule. Access Denied.
and for example for the Microsoft-Windows-IIS-IISReset provider.
AI: Failed to enable provider Microsoft-Windows-IIS-IISReset for the EtwTelemetryModule.
I've added the applications user process to the "Performance Log Users" group in windows. Is it any other setting that I need to add to allow the logs to be shipped from this provider?
Did you mean ETW events? if yes, then Application Insights has an adapter to send ETW events as Application Insights Traces.
https://learn.microsoft.com/en-us/azure/application-insights/app-insights-asp-net-trace-logs#using-etw-events
Alternately, you can always do manual TrackTrace() method to send any traces to Application Insights.
https://learn.microsoft.com/en-us/azure/application-insights/app-insights-api-custom-events-metrics#tracktrace
Related
net and SQL server so i am trying to do the code first approach after i created the models for the database and enable and add migrations on the packet manager when i update-database command in the packet manager it works fine but when i want to see the database in the server explorer i get the following error :
The attempt to attach to the database failed with the following information:
Login failed for user 'LAPTOP-U9AV480S\NS'.
and this is my web.config file with the connection string value
<connectionStrings>
<add name="DefaultConnection" connectionString="server = LAPTOP-U9AV480S\SQLEXPRESS2 ;AttachDbFilename=|DataDirectory|\aspnet-vidly.mdf; integrated security = true"
providerName="System.Data.SqlClient" />
the SQL server is EXPRESS and i configured the security and the login to window authentication
please help me I am stuck in this for two days
I have an application pool that I use for development… and I have it running under my credentials (so I don't have to worry about permission/access issues). Two things make me think my credentials might be just sitting in a file (or registry entry)… which is worrisome:
When I change my password, I have to update the stored credentials
The setup dialog has a confirm password field
If IIS was just storing some authentication token or something, I would expect to only enter my password once (because authentication was happening immediately).
Anyone know where my credentials are being stored? Are they just encrypted using some system key then pulled out and used when the app pool spins up?
Here is the dialog where I'm entering the identity's credentials:
I open that dialog from the app pool's Advanced Settings:
Other Info
IIS 7.5 on Windows 7
I am using virtual accounts for other application pools, but that's not what I'm using here: I'm using actual Windows account credentials
UPDATE
Based on nicolas-dietrich's response, I found the following…
The application pool credentials (and general settings) for IIS 7.5 are stored in %systemroot%\System32\Inetsrv\config\applicationHost.config.
Encryption is handled by AesProtectedConfigurationProvider, which is the standard (?) way to protect sensitive config info (like db connection strings or–you know–passwords)
Here are the relevant sections with sensitive/irrelevant info replaced by ellipses (…):
<configProtectedData>
<providers>
<!-- … -->
<add name="IISWASOnlyAesProvider" type="Microsoft.ApplicationHost.AesProtectedConfigurationProvider" description="Uses an AES session key to encrypt and decrypt" keyContainerName="iisWasKey" cspProviderName="" useOAEP="false" useMachineContainer="true" sessionKey="…" />
</providers>
</configProtectedData>
<system.applicationHost>
<applicationPools>
<add name="DefaultAppPool" queueLength="5000" managedRuntimeVersion="v4.0" />
<add name="GeneralDev" queueLength="5000" autoStart="true">
<processModel identityType="SpecificUser" userName="mydomain\myusername" password="[enc:IISWASOnlyAesProvider:…:enc]" />
</add>
<!-- … -->
<applicationPoolDefaults managedRuntimeVersion="v4.0">
<processModel identityType="ApplicationPoolIdentity" loadUserProfile="true" setProfileEnvironment="false" />
</applicationPoolDefaults>
</applicationPools>
<!-- … -->
</system.applicationHost>
Hopefully, safe enough? ¯\_(ツ)_/¯
In IIS6 the AppPool identities were stored within the IIS metabase (%systemroot%\System32\Inetsrv\metabase.xml) in an encrypted string located under W3SVC/AppPools//WAMUserPass.
That was not so secured though as it was possible to decrypt and to show it as plain text (http://www.jasonsamuel.com/2010/04/28/how-to-get-the-iusr-and-iwam-user-account-passwords-on-an-iis-server/)
I am making a .Net Web API that gets data by calling an SQL server. The user is authenticated via Windows Authentication (Kerberos). I would like the user credentials to be passed to the SQL server via delegation, but the SQL server sees an anonymous user.
This is what I have done:
IIS application:
Windows Authentication and asp.net impersonation enabled. Anonymous and forms authentication disabled.
Enable kernel mode authentication is checked.
Providers: Negotiate, Kerberos.
Use app pool credentials: True.
Application pool:
Managed pipeline mode: Classic.
Identity: Network service.
In AD, the computer the web server runs on is set to "Trust this computer for delegation to any specific service (Kerberos only)"
The connection string to the SQL server contains Integrated Security=SSPI;
Edit: In my web.config I have
<system.web>
<authentication mode="Windows" />
<identity impersonate="true" />
</system.web>
and
<security>
<authentication>
<windowsAuthentication enabled="true">
<providers>
<clear />
<add value="Negotiate" />
<add value="Kerberos" />
</providers>
<extendedProtection tokenChecking="None" />
</windowsAuthentication>
<anonymousAuthentication enabled="false" />
</authentication>
</security>
The generic HOST spn is set for the machine.
From the browser I access the web application via http://machinename.domain.net.
I would expect in this setup that my IIS application is run under the machine account?
When I catch a request in the debugger on the web server, I can see that WindowsIdentity.GetCurrent().Name is the account of the user browsing the web application and WindowsIdentity.GetCurrent().AuthenticationType is set to "Kerberos". So that should be good.
However WindowsIdentity.GetCurrent().ImpersonationLevel is only set to "Impersonate". I would have expected it to be set to "Delegate"?
When I make a request to the SQL server, I get "Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'" so obviously the user credentials are not passed to the SQL server.
I hope someone can see what I am doing wrong. I really need a push in the right direction.
For future reference if someone runs into the same issue:
The issue was that we tried from Chrome. It works in IE, but on Chrome the registry change mentioned in this post was needed: Kerberos delegation doesn't work in chrome
You should be able to set the Authentication to ASP.NET Impersonation within IIS. You will probably be required to set the following in your web.config file too, as part of < system.web> section.
<identity impersonate="true" />
This may be required in the < system.webServer> section to, although not always recommended due to security concerns.
<validation validateIntegratedModeConfiguration="false" />
I have three systems running on IIS7 with static IP address 192.168.66.5. I have configured the system to run on the same IP address with different ports and subdmain like;
192.168.66.5:81 hostname ams.tpf.go.tz
192.168.66.5:82 hostname gmis.tpf.go.tz
192.168.66.5:83 hostname records.tpf.go.tz
192.168.66.5:84 hostname cmis.tpf.go.tz
I configure all these on IIS7 and defined them in the router.
When the client opens ams.tpf.go.tz without specifying the port number, the error 404 is returned: the requested resource is not found.
This recently occurred to me also - make sure your IIS Website is started - mine had been stopped. This is the error I was receiving in Visual Studio:
Unable to start debugging on the web server. The web server could not find the requested resource.
Right Click on your Website (i.e. Default Website) in IIS Manager and click Manage Web Site --> Start.
Navigating to any applications in the IIS Website was showing this error:
HTTP Error 404. The requested resource is not found.
The easiest way to achieve this is to set the port 80 for the site you want to be the "default" one, since this is the default HTTP port.
Some times IIS Manager -> Manage Web Site -> Start, will not work if the below 2 services are not running
1. Windows Activation Technologies Service
2. World Wide Web Publishing Service
Start these services manually under windows services then start IIS again.
Another cause that happens to me with some frequency is to set the permissions correctly to the physical directory. It can be achieved going to IIS -> clicking on the website and then in the actions panel click over Edit Permissions. Be sure that the user you are going to assign the permissions, are the same as defined on Authentication -> Anonymous Authentication or ASP.NET Impersonation, if any of those authentication methods are enabled.
To know the user assigned on those authentication methods, go to the Authentication icon, select any of the authentication methods mentioned before, right click on it and select edit. After that, you have the option to select the user you want.
Hoping this helps.
My issue for anyone else that comes here from google. I am hosting a django website so in my webconfig file it is set to process requests using the python virtual environment. In the web.config file it is this portion:
<configuration>
<system.webServer>
<handlers>
<add name="Python FastCGI"
path="*"
verb="*"
modules="FastCgiModule"
scriptProcessor="C:\inetpub\wwwroot\receipts\venv\Scripts\python.exe|C:\inetpub\wwwroot\receipts\venv\Lib\site-packages\wfastcgi.py"
resourceType="Unspecified"
requireAccess="Script" />
</handlers>
...
</configuration>
When there was requests to the media folder IIS would say great I know what to do send it through the scriptProcessor (python processor). Requests to the media folder should not do that they only need to serve static files (no extra processing). I placed this web.config in the media directory and it solved my problem!
<configuration>
<system.webServer>
<handlers>
<!-- this configuration overrides the FastCGI handler to let IIS serve these static files -->
<clear />
<add name="StaticFile"
path="*"
verb="*"
modules="StaticFileModule"
resourceType="File"
requireAccess="Read" />
</handlers>
</system.webServer>
</configuration>
In my case IIS server and resolved with the below steps.
Check the security groups - whether we have opened the required ports from ALB SG to EC2 SG.
Login to server and check does IIS server's default site has 443 port opened if your health-check is on 443. (whatever port you are using for health checks).
Use the curl command to troubleshoot the issue.
If you would like to check on HTTPS use the below command to check the response. Use -k or --insecure to ignore the SSL issue.
curl https://[serverIP] -k
For HTTP test use the below command.
curl http://[serverIP]
I cannot connect to SQL Server database.
When I run the aspnet_regsql.exe utility, I get the following error message:
Setup failed.
Exception:
Unable to connect to SQL Server database.
Details of failure
System.Web.HttpException: Unable to connect to SQL Server database. ---> System.Data.SqlClient.SqlException: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)
Also, I am unable to use the ASP.NET Website Administration Tool. When I click on the Security tab I receive the following error:
There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store.
The following message may help in diagnosing the problem: Unable to connect to SQL Server database.
So, I click on the 'Choose Data Store' button as instructed, which allows me to select a a Provider. The provider is named 'AspNetSqlProvider', it has a Test link beside it. I click on Test and receive the following error message:
Could not establish a connection to the database.
If you have not yet created the SQL Server database, exit the Web Site Administration tool, use the aspnet_regsql command-line utility to create and configure the database, and then return to this tool to set the provider.
I have lost overtime for this problem, but i cannot fix it. I hope everybody can help me.
I look forward receive the good answer as soon as possible. Sincerely thanking you very much for your help.
I encounter the same problem in my ASP.NET MVC project as you, when using the ASP.NET Website Administration Tool. The solution is to check and modify your web.config file. I just change the following attributes (add a field):
1) from
<profile>
<providers>...</providers>
to
<profile defaultProvider="DefaultProfileProvider">
<providers>...</providers>
2) from
<membership>
<providers>...</providers>
to
<membership defaultProvider="DefaultMembershipProvider">
<providers>...</providers>
3) from
<roleManager>
<providers>...</providers>
to
<roleManager defaultProvider="DefaultRoleProvider">
<providers>...</providers>
And, be sure to have something like:
<connectionStrings>
<add name="DefaultConnection" providerName="System.Data.SqlClient" connectionString="Data Source=(LocalDb)\v11.0;Initial Catalog=aspnet-MvcApplication1-20160111151822;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnet-MvcApplication1-20160111151822.mdf" />
</connectionStrings>
and the "DefaultConnection" has a corresponding field connectionStringName="DefaultConnection" under <profile>,<memebership>and <roleManager> tags, which are modified as stated above.
If you still have problems in your MVC project, just create a new full ASP.NET MVC Web Application template, compare the web.config file with yours, and modify your web.config file.