Share via

Outgoing messages in Event hub dropped to zero all of a sudden

YYz11 40 Reputation points
2026-01-12T14:59:58.9966667+00:00

Hello - we have a 3rd party SIEM that subscribes to events in Events hub. All of a sudden, the outgoing messages dropped to zero - incoming messages seems fine but requests dropped as well (compared to daily average). Is this in indication of an issue with Azure Events or the issue lies with the consumer? Not sure what to check as I'm relatively new with how Evens hub works. Thanks.

Azure Event Hubs
Answer accepted by question author
  1. Manoj Kumar Boyini 11,600 Reputation points Microsoft External Staff Moderator
    2026-01-12T15:08:50.4+00:00

    Hi YYz11,

    Thanks for the question and using MS Q&A platform. It looks like your Azure Event Hub is receiving messages, but not sending them out. This usually means the consumer (in your case, the third-party SIEM) is not reading the events.

    Here are the key things to check:

    Check the consumer – Make sure the SIEM is online and not showing errors.

    Check Event Hub metrics – Compare Incoming vs Outgoing messages to see where the drop happens.

    Check throttling/limits – If the throughput limit is reached, Event Hub may stop sending messages.

    Enable diagnostics logs – They help identify whether events are stuck or not being read.

    Verify connectivity – Ensure the SIEM has the correct connection string, permissions, and network access.

    Check Azure Service Health – Rarely, platform incidents can affect Event Hubs.

    In most cases, the consumer not reading messages is the main reason outgoing messages drop to zero.

    Are you receiving any error messages from your third-party SIEM when it tries to pull data from the Event Hub?

    1.Have there been any recent changes to the Event Hub configuration, the third-party consumer settings, or the environment where these are hosted?
    2.Can you confirm if the Event Hub is configured to allow outgoing connections from the SIEM tool without security or firewall issues?
    3.How long have you been observing the zero outgoing messages? Was there any specific occurrence before it started?

    Hope this heps, Please let us know if you have any questions and concerns.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.