Update investigate-missing-telemetry.md

przlplx · web-flow · commit b0edf56fb483 · 2025-10-14T16:44:39.000-07:00
Edit review per CI 7846
diff --git a/support/azure/azure-monitor/app-insights/telemetry/investigate-missing-telemetry.md b/support/azure/azure-monitor/app-insights/telemetry/investigate-missing-telemetry.md
@@ -66,7 +66,7 @@ A sample telemetry record that's correctly saved and displayed means:
 - Log Analytics correctly saved the sample record.
 - The Azure portal **Logs** tab is able to query the API (`api.applicationinsights.io`) and render the sample record in the Azure portal.
 
-If the generated sample record arrives at your Application Insights instance and you can query for the sample record by using the **Logs resource** menu, [troubleshoot the Application Insights SDK or agent](#troubleshoot-application-insights-sdk-agent). You can then proceed with collecting SDK logs, self-diagnostic logs, or profiler traces, whichever is appropriate for the SDK or agent version.
+If the generated sample record arrives at your Application Insights instance, and you can query for the sample record by using the **Logs resource** menu, [troubleshoot the Application Insights SDK or agent](#troubleshoot-application-insights-sdk-agent). You can now collect SDK logs, self-diagnostic logs, or profiler traces, as appropriate for the SDK or agent version.
 
 The following sections provide information about sending a sample telemetry record using PowerShell or curl.
 
@@ -287,32 +287,32 @@ If tests performed by using PowerShell or curl fail to send telemetry to the ing
 
 ## Troubleshoot Microsoft Entra authentication issues
 
-This section provides distinct troubleshooting scenarios and steps to resolve [Microsoft Entra authentication](/azure/azure-monitor/app/azure-ad-authentication) issues before contacting support.
+This section provides distinct troubleshooting scenarios and steps to resolve [Microsoft Entra authentication](/azure/azure-monitor/app/azure-ad-authentication) issues before you contact Microsoft support.
 
 ### Ingestion HTTP errors
 
-The ingestion service returns specific errors regardless of the SDK language. Network traffic can be collected by using a tool like Fiddler. Be sure to filter traffic to the ingestion endpoint set in the connection string.
+The ingestion service returns specific errors regardless of the SDK language. Network traffic can be collected by using a tool such as Fiddler. Make sure that you filter traffic to the ingestion endpoint that's set in the connection string.
 
 ### HTTP/1.1 400 Authentication not supported
 
-This error shows the resource is set for Microsoft Entra-only.
+This error shows that the resource is set as Microsoft Entra-only.
 
-Review and correctly configure the SDK because it's sending to the wrong API.
+Review and configure the SDK correctly because it's sending to the wrong API.
 
 > [!NOTE]
-> `v2/track` doesn't support Microsoft Entra ID. When the SDK is correctly configured, telemetry is sent to `v2.1/track`.
+> `v2/track` doesn't support Microsoft Entra ID. If the SDK is configured correctly, telemetry is sent to `v2.1/track`.
 
 #### HTTP/1.1 401 Authorization required
 
-This error indicates that the SDK is correctly configured but it's unable to acquire a valid token. This error might indicate an issue with Microsoft Entra ID.
+This error indicates that the SDK is configured correctly but can't acquire a valid token. This error might indicate that an issue that affects Microsoft Entra ID exists.
 
 Identify exceptions in the SDK logs or network errors from Azure Identity.
 
 #### HTTP/1.1 403 Unauthorized
 
-This error means the SDK uses credentials without permission for the Application Insights resource or subscription.
+This error means that the SDK uses credentials without permission for the Application Insights resource or subscription.
 
-Check the Application Insights resource's access control. You must configure the SDK with credentials that have the Monitoring Metrics Publisher role.
+Check the access control for the Application Insights resource. You must configure the SDK by using credentials that have the Monitoring Metrics Publisher role.
 
 ### Language-specific troubleshooting
 
@@ -322,13 +322,13 @@ Check the Application Insights resource's access control. You must configure the
 
 The Application Insights .NET SDK emits error logs by using the event source. To learn more about collecting event source logs, see [Troubleshooting no data - collect logs with PerfView](asp-net-troubleshoot-no-data.md#collect-logs-with-perfview).
 
-If the SDK fails to get a token, the exception message is logged as `Failed to get AAD Token. Error message:`.
+If the SDK doesn't get a token, the exception message is logged as "Failed to get AAD Token. Error message:."
 
 ### [Java](#tab/java)
 
 #### HTTP traffic
 
-You can inspect network traffic by using a tool like Fiddler. To enable the traffic to tunnel through Fiddler, either add the following proxy settings in the configuration file:
+You can inspect network traffic by using a tool such as Fiddler. To enable the traffic to tunnel through Fiddler, add the following proxy settings in the configuration file:
 
 ```JSON
 "proxy": {
@@ -337,36 +337,59 @@ You can inspect network traffic by using a tool like Fiddler. To enable the traf
 }
 ```
 
-Or add the following Java Virtual Machine (JVM) arguments (args) while running your application: `-Djava.net.useSystemProxies=true -Dhttps.proxyHost=localhost -Dhttps.proxyPort=8888`
+Alternatively, add the following Java Virtual Machine (JVM) arguments while running your application: 
 
-If Microsoft Entra ID is enabled in the agent, outbound traffic includes the HTTP header `Authorization`.
+> `-Djava.net.useSystemProxies=true -Dhttps.proxyHost=localhost -Dhttps.proxyPort=8888`
+
+If Microsoft Entra ID is enabled in the agent, outbound traffic includes the `Authorization` HTTP header.
 
 #### 401 Unauthorized
 
-If you see the message `WARN c.m.a.TelemetryChannel - Failed to send telemetry with status code: 401, please check your credentials` in the log, it means the agent couldn't send telemetry. You likely didn't enable Microsoft Entra authentication on the agent while your Application Insights resource has `DisableLocalAuth: true`. Ensure you pass a valid credential with access permission to your Application Insights resource.
+You might see the following entry in the log:
+
+> `WARN c.m.a.TelemetryChannel - Failed to send telemetry with status code: 401, please check your credentials`
+
+This message means that the agent can't send telemetry. In this situation, you likely didn't enable Microsoft Entra authentication on the agent while your Application Insights resource had `DisableLocalAuth: true`. Make sure that you pass a valid credential that has access permission to your Application Insights resource.
 
-If you're using Fiddler, you might see the response header `HTTP/1.1 401 Unauthorized - please provide the valid authorization token`.
+If you use Fiddler, you might see the following response header:
+
+> `HTTP/1.1 401 Unauthorized - please provide the valid authorization token`
 
 #### CredentialUnavailableException
 
-If you see the exception `com.azure.identity.CredentialUnavailableException: ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established` in the log file, it means the agent failed to acquire the access token. The likely cause is an invalid client ID in your User-Assigned Managed Identity configuration.
+You might see the following entry in the log file:
+
+> `com.azure.identity.CredentialUnavailableException: ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established`
+
+This exception means that the agent didn't acquire the access token. The likely cause is an invalid client ID in your User-Assigned Managed Identity configuration.
 
 #### Failed to send telemetry
 
-If you see the message `WARN c.m.a.TelemetryChannel - Failed to send telemetry with status code: 403, please check your credentials` in the log, it means the agent couldn't send telemetry. The likely reason is that the credentials used don't allow telemetry ingestion.
+You might see the following message in the log:
 
-Using Fiddler, you might notice the response `HTTP/1.1 403 Forbidden - provided credentials do not grant the access to ingest the telemetry into the component`.
+. `WARN c.m.a.TelemetryChannel - Failed to send telemetry with status code: 403, please check your credentials`
 
-The issue can be due to:
+This message means that the agent can't send telemetry. The likely reason is that the credentials that are used don't allow telemetry ingestion.
 
-- Creating the resource with a system-assigned managed identity or associating a user-assigned identity without adding the Monitoring Metrics Publisher role to it.
-- Using the correct credentials for access tokens but linking them to the wrong Application Insights resource. Ensure your resource (virtual machine or app service) or user-assigned identity has Monitoring Metrics Publisher roles in your Application Insights resource.
+If you use Fiddler, you might notice the following response:
+
+> "HTTP/1.1 403 Forbidden - provided credentials do not grant the access to ingest the telemetry into the component"
+
+This issue can be caused by any of the following actions:
+
+- Creating a resource that has a system-assigned managed identity.
+- Associating a user-assigned identity without adding the Monitoring Metrics Publisher role to it.
+- Using the correct credentials for access tokens, but linking them to the wrong Application Insights resource. In this situation, make sure that your resource (virtual machine or app service) or user-assigned identity has Monitoring Metrics Publisher roles in your Application Insights resource.
 
 #### Invalid Client ID
 
-If you see the exception `com.microsoft.aad.msal4j.MsalServiceException: Application with identifier <CLIENT_ID> was not found in the directory` in the log, it means the agent failed to get the access token. This exception likely happens because the client ID in your client secret configuration is invalid or incorrect.
+You might see the following exception in the log:
+
+> `com.microsoft.aad.msal4j.MsalServiceException: Application with identifier <CLIENT_ID> was not found in the directory`
+
+This means that the agent didn't get the access token. This exception likely occurs because the client ID in your client secret configuration is invalid or incorrect.
 
-This issue occurs if the admin doesn't install the application or no tenant user consents to it. It also happens if you send your authentication request to the wrong tenant.
+This issue occurs if the admin doesn't install the application or if no tenant user consents to it. It occurs also if you send your authentication request to the wrong tenant.
 
 ### [Java native](#tab/java-native)
 
@@ -375,7 +398,7 @@ This issue occurs if the admin doesn't install the application or no tenant user
 
 ### [Node.js](#tab/nodejs)
 
-Turn on internal logs by using the following setup. After you enable them, the console shows error logs including any error related to Microsoft Entra integration. Examples include failing to generate the token with the wrong credentials or errors when the ingestion endpoint fails to authenticate using the provided credentials.
+Turn on internal logs by using the following setup. After you enable the logs, the console shows error logs, including any errors that are related to Microsoft Entra integration. Examples include failing to generate the token with the wrong credentials or if the ingestion endpoint doesn't authenticate by using the provided credentials.
 
 ```javascript
 let appInsights = require("applicationinsights");
@@ -390,13 +413,13 @@ Something is incorrect about the credential you're using and the client isn't ab
 
 ### Error starts with "authentication error" (with no status code)
 
-The client failed to authenticate with the given credential. This error usually occurs when the credential used doesn't have the correct role assignments.
+The client failed to authenticate with the given credential. This error usually occurs if the credential used doesn't have the correct role assignments.
 
-### I'm getting a status code 400 in my error logs
+### Status code 400 is logged in the error logs
 
-You're probably missing a credential or your credential is set to `None`, but your Application Insights resource is configured with `DisableLocalAuth: true`. Make sure you're passing in a valid credential and that it has permission to access your Application Insights resource.
+You're probably missing a credential or your credential is set to `None`, but your Application Insights resource is configured with `DisableLocalAuth: true`. Make sure that you pass in a valid credential and that it has permission to access your Application Insights resource.
 
-### I'm getting a status code 403 in my error logs
+### Status code 403 is logged in error logs
 
 This error usually occurs when the provided credentials don't grant access to ingest telemetry for the Application Insights resource. Make sure your Application Insights resource has the correct role assignments.
 
