How to enable Service Bus Relaying connections for Nodinite Log and Monitoring Agents
Easily connect and manage Nodinite Monitoring Agents anywhere—on-premise, in the cloud, or hybrid environments—using Microsoft Azure Service Bus Relaying. This guide empowers you to:
✅ Securely connect distributed Monitoring Agents across any network
✅ Optimize costs and performance with built-in caching and configuration tips
✅ Follow step-by-step setup for Service Bus Relaying and firewall rules
✅ Troubleshoot connectivity and security issues quickly
What is Service Bus Relaying?
The Service Bus relay service from Microsoft enables the Nodinite Monitoring Service to communicate with Nodinite Monitoring Agents. These agents can run in Azure datacenters, your on-premises enterprise, or even remote customer and partner sites.
Service Bus Relaying enables secure, scalable communication between distributed Monitoring Agents and the central Monitoring Service.
In essence, you can install and host Nodinite Monitoring Agents anywhere and everywhere! Simply install and configure the agent for Service Bus Relaying to unlock seamless integration.
Costs and pricing information
Running Nodinite Monitoring Agents with Service Bus Relaying incurs costs based on:
- Number of installed agents using Service Bus Relaying
- Synchronization interval set in Monitoring Agent Configuration
- State changes in exposed Resources—error-prone environments may cost more
- For custom-coded Monitoring Agents, ensure LogText only changes when necessary
- Caching—All Nodinite Monitoring Agents support ETAG caching to reduce costs and boost performance
- Number of Remote Actions executed
Note
Using Service Bus Relay requires an Azure account with a valid credit card and will incur costs.
Example: Azure Service Bus Relaying pricing overview
For the latest pricing, see microsoft 'Service Bus pricing' page.
How to configure the Monitoring Agents to use Service Bus Relaying
This section covers the general steps for configuring any [Monitoring Agent][] to use Service Bus Relaying.
Prerequisites
- Firewall
- Azure Subscription with a valid credit card
- Account must have at least Contributor role
- Namespace—endpoint address must be unique; for multiple agents, use separate Namespaces or adjust the endpoint address and Service URI accordingly
- Shared Access Signature security Key—see MDSN for details
Local Configuration
Each Monitoring Agent has a local configuration file (.config) with a commented Service Bus Relaying section. Remove the comments and enter your Service Bus Namespace details.
Important
This manual step requires RDP access and local admin rights. Restart the Monitoring Agent after editing. The README.txt will display the URI for use in Monitoring Agent Configuration.
- behaviorExtensions
- endpointBehaviors
- webHttpRelayBinding
- endpoint
Example: Monitoring Agent configuration file for Service Bus Relaying
1. behaviorExtensions
Uncomment the behaviorExtensions section.
Uncommenting behaviorExtensions in the config file
2. endpointBehaviors
Uncomment this section and update keyName and key as per your Azure portal setup.
3. webHttpRelayBinding
Uncomment this section.
4. endpoint
Uncomment this section and update ServiceBusNameSpace as per your Azure portal setup.
Create/select the Service Bus relay namespace in Azure
Monitoring Agent Configuration
In Monitoring Agent Configuration, update:
- Service URL
- Enable Authentication and set the Authentication Key
Settings tab
Enter the Service URL for the installed Monitor Agent (from Readme.txt or the <endpoint address ... in %Monitoring Agent%.exe.config).
Service URL in Monitoring Agent Configuration
Security tab
A Service Bus Relay connection string format:
SharedAccessKeyName=%SharedAccessKeyName%;SharedAccessKey=%SharedAccessKey%;AuthenticationKey=%AuthenticationKey%
Security tab for Service Bus Relay connection
Update these fields:
- SharedAccessKeyName—copy from Azure Portal (default: RootManageSharedAccessKey)
SharedAccessKeyName in Azure Portal - SharedAccessKey—copy from primary or secondary key
SharedAccessKey in Azure Portal - AuthenticationKey—provided by the Nodinite Monitoring Agent (from local Readme.txt)
Firewall
Open these outbound ports to '*.servicebus.windows.net' from both on-premise and off-site locations:
| Port | Name | Inbound | Outbound | TCP | UDP | Comment |
|---|---|---|---|---|---|---|
| 443 | HTTPS | Secure outbound traffic | ||||
| 5671, 5672 | Secure AMQP | |||||
| 9350 - 9354 | Net.TCP |
Troubleshooting
To debug connectivity, enable WCF diagnostics logging. See Microsoft docs.
Add the following <system.diagnostics> section to the local config file (.config):
Important
The Windows Service Account running the Agent must have write access to the log folder (e.g., C:\Temp\WCFlog). Ensure the folder exists!
...
<configuration>
<system.diagnostics>
<sources>
<Monitoring Agent Configuration name="System.ServiceModel"
switchValue="Information, ActivityTracing"
propagateActivity="true" >
<listeners>
<add name="xml"/>
</listeners>
</Monitoring Agent Configuration>
<Monitoring Agent Configuration name="System.ServiceModel.MessageLogging">
<listeners>
<add name="xml"/>
</listeners>
</Monitoring Agent Configuration>
<Monitoring Agent Configuration name="myUserTraceSource"
switchValue="Information, ActivityTracing">
<listeners>
<add name="xml"/>
</listeners>
</Monitoring Agent Configuration>
</sources>
<sharedListeners>
<add name="xml"
type="System.Diagnostics.XmlWriterTraceListener"
initializeData="C:\Temp\WCFlog\Error.svclog" />
</sharedListeners>
</system.diagnostics>
</configuration>
...
Contact our Support for additional guidance if you cannot resolve the problem.
Tip
Additional troubleshooting information may be available in the Windows Event Logs.
Nodinite 7 – Hybrid Connections with Azure Relay for New and Legacy Agents
Nodinite 7 introduces seamless support for Azure Relay Hybrid Connections, enabling both new and legacy Monitoring Agents to operate securely and efficiently across cloud, on-premise, and hybrid environments. This approach allows you to expose local agent endpoints to remote clients—without changing your existing agent implementation.
Concept Overview
Diagram: Azure Relay Hybrid Connection securely forwards requests from remote clients to local Nodinite Monitoring Agents, supporting both new and legacy endpoints.
Azure Relay Hybrid Connections act as a reverse-proxy, securely forwarding requests from the cloud to your local Monitoring Agent. External clients connect to the Azure Relay URL, and the relay transparently forwards requests to your agent’s local HTTP endpoint. This preserves all HTTP methods, headers (including X-ApiKey), and request bodies, ensuring compatibility with both new and old agents.
Key benefits:
- ✅ Connect agents anywhere—cloud, on-premise, or hybrid—without network reconfiguration
- ✅ No changes required to the agent’s WCF service implementation
- ✅ Secure, scalable, and compatible with modern authentication and legacy endpoints
- ✅ Centralized management and monitoring via Azure Portal
Old WCF-based agents required direct network access and manual endpoint configuration. Nodinite 7 uses Azure Relay Hybrid Connections, allowing agents to be exposed securely without modifying existing WCF code. The new approach supports both legacy and modern agents, simplifies remote access, and leverages cloud-native security and managemen
Step-by-Step Guide: Configure an Installed Agent for Remote Access
Follow these steps to enable remote access for your Nodinite Monitoring Agent using Azure Relay Hybrid Connections:
1. Prepare Your Environment
- Ensure your agent host runs .NET Framework 4.8 or later
- Confirm you have an Azure subscription with permission to create Relay resources
- Verify local agent endpoint is accessible (e.g., http://localhost:8000/Nodinite/Monitor/Agent/WindowsServer/IsAlive)
2. Create Azure Relay Resources
- In the Azure Portal, create a Relay namespace and Hybrid Connection
- Note the connection string and entity path for your Hybrid Connection
3. Update Agent Configuration
- Open the agent’s configuration file (App.config or .exe.config)
- Add or update the following settings under
<appSettings>:UseAzureRelay– set totrueto enable relay modeRelayConnectionString– paste the Azure Relay connection stringHybridConnectionName– specify the Hybrid Connection name (entity path)LocalWcfBaseUrl– set to your agent’s local endpoint (e.g., http://localhost:8000)- Optional: tune timeouts and concurrency for performance
4. Restart the Agent Service
- Restart the Windows service hosting your agent to apply configuration changes
- Confirm the agent logs show the relay listener is online and ready
5. Test Remote Connectivity
Diagram: Remote client sends requests to Azure Relay, which forwards them to the local Nodinite agent and returns the response.
- Use a tool like
curlor Postman to send requests to the Azure Relay URL - Include required headers (e.g., X-ApiKey, ServiceBusAuthorization) if your agent enforces authentication
- Verify responses are forwarded from the local agent endpoint
6. Troubleshooting
- If you receive 404 errors, check that the client URL matches the local endpoint path and the relay strips the entity path correctly
- For 401/403 errors, ensure SAS tokens and policy rights are correct
- For 500 errors, review agent logs for details on method, path, target, and status
- Confirm
UseAzureRelay=trueis set and the service is restarted
7. Security and Performance Tips
- Ensure TLS 1.2 is enabled for secure connections
- Adjust connection limits for high concurrency scenarios
- Use Azure Portal to monitor relay usage and manage access policies
By following these steps, you can enable remote, secure, and scalable access to Nodinite Monitoring Agents—regardless of their version or location. Azure Relay Hybrid Connections make it easy to modernize your integration landscape while supporting legacy agents and endpoints.
Next Step
Add or manage Monitoring Agent
Related Topics
Monitoring Agents
Monitoring Service
Microsoft Service Bus Relaying
Service Bus Relaying Pricing