counteractive/o365beat

Publisher ID is not set

jjkoster opened this issue · 9 comments

When using o365beat I receive the error:

{"code":"AF429","message":"Too many requests. Method=GetContents, PublisherId=00000000-0000-0000-0000-000000000000"}

It looks like Publisher ID is not set from the config file from directory_id, so the request gets rate limited with the other 00000 etc. Publisher IDs being used. I believe Publisher ID can be arbitrary, from other Azure AD API scripts I have used.

My current config looks like this (hard coded values):
tenant_domain: removed
client_secret: removed
client_id: removed # aka application id (GUID)
directory_id: removed # aka tenant id (GUID)
registry_file_path: ./o365beat.state

I have tried to set the directory as an environment variable as well.

Thanks for any help.

Thanks for the feedback! Could you confirm which version you're using, on which platform, and what calls are getting throttled? We fixed a version of this in a063d06, it should be properly appended to all throttle-able calls for a while now, but I might have missed one!

If you'd prefer to send logs or other info via email, you can reach me at chris@counteractive.net. Thanks again!

Hi Chris,

I'm using 7.4.0, on Oracle Linux 7.6

The throttled request is for contenttype=Audit.AzureActiveDirectory

If you need more info, I'll send to your email address.

Sorry, version 1.4.2

That's the current version, so there's definitely something else going on. To diagnose I'll need to see the logging output with all the debugging on, you can log to stderr (on the command line) with:

# and whatever other flags you're using when you have the issue
./o365beat -e -d "*" 

Please send as much of that output via email as you can, and if you could send your config file too (you can of course remove anything sensitive), that'll help. Thanks so much for reaching out, I'm looking forward to sorting out what's going on!

Sure enough, it turns out some tenancies can be so busy that even asking what content is available gets throttled! Thank you for reporting the issue, it should be a straightforward fix: every API call needs PublisherIdentifier appended, not just the high-volume calls. Sorry for not catching that sooner, we'll get it pushed in a new version this week.

@jjkoster: I pushed the Publisher ID into all API requests, so you shouldn't see this error once we issue a new release. I'm going to try to include a couple other fixes before we push that out, but it should be very soon. Thanks again for the feedback!

Thanks Chris, looking forward to it.

Thanks for your patience @jjkoster: release v1.4.3 contains this fix, please let me know if you run into anything else.
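
The fix discussed in this thread, as an added Go example that is not o365beat's own code: an `http.RoundTripper` that appends `PublisherIdentifier` to every request sent through the client, plus a check that recognizes an AF429 response charged to the all-zero publisher. The names `publisherTransport`, `withPublisher` and `sharedQuotaThrottle` are hypothetical, and the GUIDs in the sample URL are placeholders.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/url"
	"strings"
)

// All-zero ID the API reports when a request carried no PublisherIdentifier.
const zeroPublisher = "00000000-0000-0000-0000-000000000000"

// withPublisher returns a copy of u with PublisherIdentifier set (or overwritten).
func withPublisher(u *url.URL, id string) *url.URL {
	out := *u
	q := out.Query()
	q.Set("PublisherIdentifier", id)
	out.RawQuery = q.Encode()
	return &out
}

// publisherTransport (hypothetical name) tags every request made through the
// client, so list, fetch and subscription calls cannot miss the parameter.
type publisherTransport struct {
	id   string
	next http.RoundTripper
}

func (t publisherTransport) RoundTrip(req *http.Request) (*http.Response, error) {
	r := req.Clone(req.Context()) // a RoundTripper must not mutate the caller's request
	r.URL = withPublisher(req.URL, t.id)
	return t.next.RoundTrip(r)
}

// sharedQuotaThrottle reports whether body is an AF429 error that was charged
// to the all-zero publisher, i.e. the request went out untagged.
func sharedQuotaThrottle(body []byte) bool {
	var e struct{ Code, Message string }
	if json.Unmarshal(body, &e) != nil {
		return false
	}
	return e.Code == "AF429" && strings.Contains(e.Message, "PublisherId="+zeroPublisher)
}

func main() {
	// Constructed sample URL; the tenant and publisher GUIDs are placeholders.
	u, _ := url.Parse("https://manage.office.com/api/v1.0/11111111-1111-1111-1111-111111111111/activity/feed/subscriptions/content?contentType=Audit.AzureActiveDirectory")
	fmt.Println(withPublisher(u, "11111111-1111-1111-1111-111111111111"))
	fmt.Println(sharedQuotaThrottle([]byte(`{"code":"AF429","message":"Too many requests. Method=GetContents, PublisherId=00000000-0000-0000-0000-000000000000"}`)))
}
```

Wiring it in is `http.Client{Transport: publisherTransport{id: directoryID, next: http.DefaultTransport}}`, where `directoryID` stands for the configured `directory_id`.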