AzureDiagnosics table is always empty, despite diagnostic settings being configured

Question

AzureDiagnosics table is always empty, despite diagnostic settings being configured

Mateusz Lipowski 20

I want to diagnose disconnection issues with my Virtual network gateway using "S2S tunnel connet/disconnect events" logs query, but the AzureDiagnostics table is always empty (that causes query to fail due to missing columns, but i did double check that the AzureDiagnostics is just empty).

My Virtual network gateway details:
SKU: Basic | Gateway type: VPN | VPN type: Route-based

I have set up diagnostic settings for the gateway via Monitor like this

User's image

Is there any reason why AzureDiagnostics is empty? Can i get "S2S tunnel connet/disconnect events" query to work by any means?

Accepted answer

0 additional answers

Your answer

Answer 1

hi there ) thanks for sharing the details and the screenshot, really helps to see what's going on ))

alright, let's tackle this step by step. u mentioned the azurediagnostics table is empty even though u set up diagnostic settings. first thing, check if the logs are actually being sent to the right place. in your screenshot, u selected 'send to log analytics workspace', but the workspace dropdown is empty. that's a red flag ) u need to pick a specific workspace where the logs should land. no workspace selected means nowhere for the logs to go... kinda like sending a letter without an address )

here's the doc from microsoft on how to properly configure it https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/diagnostic-settings

also, since u're using a basic sku virtual network gateway, keep in mind it has some limitations. basic skus don't support all diagnostic features. u might wanna consider upgrading to vpngw1 or higher if u need full logging capabilities https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways

for the s2s tunnel events, make sure u enabled the right log categories. from your screenshot, u have 'tunnel diagnostic logs' checked, which is good. but sometimes there's a delay before logs start appearing. give it some time, like 15-30 mins, then check again.

oh and one more thing ) the query itself might need tweaking. try this basic one to see if anything shows up

azurediagnostics | where resourceprovider == "microsoft.network" and resourcetype == "virtualnetworkgateways"

if it's still empty after all this, u might need to open a support ticket. azure can be quirky sometimes )

hope this helps Mateusz! let me know if u're still stuck after trying these steps...

Alex

and "yes" if you would follow me at Q&A - personaly thx.
P.S. If my answer help to you, please Accept my answer

https://ctrlaltdel.blog/

Mateusz Lipowski 20 Reputation points

2025-08-13T10:48:57.25+00:00

Thanks for the reply. I don't understand the "empty workspace dropdown", did you mean this?

I also fear that might be the SKU issue, but no documentation mentions any diagnostic limitation across gateway SKUs. It's annoying, but I will check out better SKU in some time.

And the query you provided won't work, since the empty table does not have any columns and it returns "Failed to resolve column or scalar expression named 'resourceprovider'".
Mateusz Lipowski 20 Reputation points

2025-08-18T05:44:10.42+00:00

Updating SKU to VpnGw1 did fix the problem. Logging feature is not available for Basic SKU, which is not documented.

Share via

AzureDiagnosics table is always empty, despite diagnostic settings being configured

0 additional answers

Your answer