cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Converting data batch to XML failed with error "0x80131500"

zxcv_RMiller
Copper Contributor

‎Feb 09 2021 11:54 AM - last edited on ‎Apr 08 2022 10:43 AM by

‎Feb 09 2021 11:54 AM - last edited on ‎Apr 08 2022 10:43 AM by

Converting data batch to XML failed with error "0x80131500"

I've recently onboarded some devices into Azure Sentinel via the DNS Connector, which uses the Monitor Agent (I think).

 

For the most part, this has worked, but the DNS lookup events frequently stop getting forwarded to the log workspace. Other events do continue to forward. In the 

'Operations Manager' event logs on one of my servers, I see events 4512 and 1103 that have contents like:
4512: Converting data batch to XML failed with error "0x80131500" (0x80131500) in rule "Microsoft.SystemCenter.CollectDnsEtwEvents" running for instance "" with id:"{<guid>}" in management group "AOI-<guid>".

1103: Summary: 1 rule(s)/monitor(s) failed and got unloaded, 0 of them reached the failure limit that prevents automatic reload. Management group "AOI-<guid>". This is summary only event, please see other events with descriptions of unloaded rule(s)/monitor(s).

After a few of these 1103 events, the message changes to "1 of them reached the failure limit..."

 

Something eventually reloads rules and the log collection begins again for a while before failing. I can also restart collection by using the DNS Collector configuration panel to re-send the collection rules.

 

How do I troubleshoot what dns events are failing to convert to XML and either fix the conversion, remediate the clients, or adjust the rules so that they don't try to capture these events? Does the management agent have verbose or detailed logging anywhere?

 

Labels:
1,085 Views
0 Likes
1 Reply
Reply
1 Reply
zxcv_RMiller

‎Jul 12 2021 12:04 PM

‎Jul 12 2021 12:04 PM

Re: Converting data batch to XML failed with error "0x80131500"

After a long while of this on the backburner, I opened a support case with MS and eventually got the following response:

 

Upon further testing and investigation I have been made aware that this is a known issue that will be fixed with a new AMA-agent based DNS connector, which will replace the current faulty solution, this new release is expected to be available by the end of this calendar year (2021).



0 Likes
Reply