Topics on this page
Monitor errors
You can monitor the file events that failed to be processed by File Storage Security components in the following places.
Blob event grid system topic dead lettering
When a file is uploaded to the protecting blob storage, the blob event grid system topic publishes a Microsoft.Storage.BlobCreated
event to the Blob Listener. If the Blob Listener cannot successfully process an event a certain number of times, the blob event grid system topic dead-letters the event by sending it to the specified blob container. You can find the resource ID of the blob container in the blobSystemTopicDeadLetterStorageID
field on the storage stack's deployment Outputs page. You can follow the steps in Reacting to Blob storage events to monitor the dead-letter events.
Scanner queue dead lettering
The Scanner Queue stores the messages sent from the Blob Listener and is consumed by the Scanner Function. If the Scanner Function cannot successfully process a message in the Scanner Queue a certain number of times, the message is sent to the Scanner Queue's dead-letter queue. The Scanner Function consumes the messages in the Scanner Queue's dead-letter queue and publishes the scan result with a -4
and "unsuccessful scanner invocation"
status to the Scan Result Topic. For details of monitoring the Scan Result Topic, see Be notified of scan results through Azure Service Bus Topic.
Scan result topic dead lettering
The Scan Result Topic receives the scan results from the Scanner Function and publishes them to the subscribers. The Post Scan Action Tag Function in the storage stack subscribes to the Scan Result Topic. If the Post Scan Action Tag Function cannot successfully process a message in the Scan Result Topic a certain number of times, the message is sent to the Scan Result Topic's dead-letter queue. You can find the path to the dead-letter queue in the blobScanResultSubscriptionDeadLetterQueueID
field on the storage stack's deployment Outputs page. You can use Azure Service Bus trigger for Azure Functions to process the messages in the dead-letter queue.