Azure IoT Hub Defender Micro Agent on Yocto/STM32MP1 – No Defender Metrics in IoT Hub Portal
Hi all, I'm currently running the Azure IoT Defender Micro Agent on a Yocto-based image (STM32MP1), and although the logs suggest the agent is working and sending data, no Defender metrics are visible in the Azure IoT Hub portal under Defender Metrics. Setup Details: Platform: STM32MP1 with Yocto Linux Transport: AMQP IoT Hub connection: Successful Cloud messages: send_confirm_callback success and device twin updates with result 200 Collectors enabled: SBoM, NetworkActivity, Heartbeat, LogCollector, Process, FileSystem, Peripheral, Baseline, etc. Observations: Logs show telemetry batching with message sizes up to 101KB. Agent attempts to read common paths like /etc/crontab fail with errno=[2] (file not found), which is expected given it's an embedded system. Repeated logs like Failed to stat() on=/proc/[pid]/cmdline, not sure if it's a blocker. Main Issue: Even though the agent appears to be collecting data and successfully sending messages, the Defender Metrics tab in the IoT Hub Portal remains empty, making it hard to verify if Defender is actively evaluating device risk or just accepting telemetry blindly. Questions: Does IoT Hub Defender require a full Linux environment with tools like dmidecode, /boot/grub/grub.cfg, or cron directories to process and display metrics? Are there any known limitations with Yocto-based minimal images that prevent Defender metrics from showing in the IoT Hub portal? Is there a way to validate if metrics are actually reaching and being processed by the Defender backend beyond the send_confirm_callback log? Any insights or guidance would be greatly appreciated. Thanks in advance!
How do I make excel change the colour of a cell depending on a different cells date?
Hi, How do I make excel change the colour of a cell depending on a different cells date? Turn A2 red if - E2 cell is smaller than todays date Turn A2 yellow with red outline if - E2 cell is equal to todays date Turn A2 clear if - E2 cell is bigger than the current date
Adding new Components to a sample webpart - Tutorials?
Greetings, I was wondering if anyone could point me in the direction of a tutorial(s) with more of a focus on taking sample webparts (from Github), and adding-to/extending their functionality. I have an odd way of learning, and I feel that something along these lines would greatly benefit me. If it helps... the specific sample I am looking to extend (and learn from) is the React-List-Form (https://github.com/pnp/sp-dev-fx-webparts/tree/main/samples/react-list-form) as it has a rather uniquely complex structure compared to other samples, and already has some cool functionality I'd like to better understand. The most basic concept I'd like to understand is adding a DateTime picker component, as it currently only has a Date picker component. If anyone knows of any tutorials with more of focus on this style of learning, I'd greatly appreciate it! Thanks, TR
Error in tutorials
In both this https://docs.loganalytics.io/docs/Learn/Getting-Started/Getting-started-with-queries and this https://docs.loganalytics.io/docs/Learn/Getting-Started/Getting-started-with-the-Analytics-portal there are references to and pics of the "Go" button. This is my first time in Log Analytics, and the button is called "Run", so I guess it has been changed recently🔒How to deal with multiple passwords cross-device [Password Manager]
NEW VIDEO N. 209 In this video tutorial, I’ll show how to deal with multiple passwords on the web cross-device. Today Microsoft Edge has the same functionality as Google Chrome, plus it offers the ability to manage passwords, combining Edge with the smartphone app Microsoft Authenticator you are able to sync all passwords through devices. The Microsoft Authenticator app helps you sign in to your accounts when you're using two-factor verification. Two-factor verification helps you to use your accounts more securely because passwords can be forgotten, stolen, or compromised. Two-factor verification uses a second factor like your phone to make it harder for other people to break in to your account. Moreover the Microsoft Authenticator app store and encrypt all passwords.Take Azure Defender for IoT for a Spin
Intended audience: Security and OT engineering enthusiasts, looking to secure unmanaged critical networks used by IoT/OT devices such as Building Management Systems, Manufacturing, Critical Infrastructure and more! Introduction You’ve read the product materials and would like to get started with securing your IoT/OT network – in this blog post, we will focus on setting up a sensor on your critical networks - without impacting IoT/OT stability or performance (If you missed it, you can read more about the capabilities of Azure Defender for IoT here). The goal of this article is to guide you through setting up a sensor to demonstrate the value of the system, as well as a quick start for securing unmanaged IoT/OT devices. Try it now at no charge Try Azure Defender for IoT - This version includes the agentless security provided via the integration of CyberX, a Microsoft company, plus the ability to connect to Azure Sentinel. Preparing your environment Azure Defender for IoT monitors unmanaged devices that are used in Operational Technology (OT) environments such as manufacturing, building management systems (BMS), life sciences, energy and water utilities, oil & gas, and logistics. In the most basic configuration, Setting up your environment can be taken in 4 easy steps: 1. Setup a sensor The software for the sensor may be installed on physical servers or as a virtual machine. The sensor installation files can be downloaded from the Azure Defender for IoT portal, on the “Getting Started” -> “Network Sensor” tab. Log into your Azure Account and download the ISO installer for the sensor. Install the ISO from USB on a VM or physical server (see Hardware Guide and Installation Guide) Make sure to make a note of the administrative login credentials presented during the installation process. If your setup includes multiple sensors, you can also download the optional “On-Premises Management Console” which allows you to manage and monitor large sensor deployments. More on this in the Installation Guide, Chapter 8 2. Monitor a SPAN port The sensor implements non-invasive passive monitoring with Network Traffic Analysis (NTA) and Layer 7 Deep Packet Inspection (DPI) to extract detailed IoT/OT information in real-time, even across diverse automation equipment from all major OT suppliers such as: Rockwell Automation, Schneider Electric, GE, Emerson, Siemens, Honeywell, ABB, Yokogawa, etc. Locate a managed LAN switch connected to IoT/OT devices. These switches can typically be set up with monitoring ports (also called SPAN or mirror ports). Utilizing this technique, the sensor will passively monitor the OT network, without creating any traffic which might impact or risk devices on the network. Connect the monitoring port to the sensor’s monitoring interface (typically the first available ethernet card) For more information and configuration examples, see the Network Deployment Guide, Chapter 5 - “Traffic Monitoring.” 3. Register and Activate the Sensor Once the sensor has been connected to the monitor port – it will immediately begin to analyze the network traffic. The next step is to login to the sensor and activate it with an activation file available for your account, in the Azure Defender for IoT portal. Log into your Azure Account select the “Onboard” sensor button (underlined below): Next, fill in the sensor name and subscription details. The button for "cloud-connected" will optionally send alert information into IoT Hub and Sentinel for further analysis. If you have an air-gapped or completely on-premises implementation with no connection to the cloud, disable the "cloud-connected" button below before you generate your license. Download the activation file. This will be used in the next step to activate the sensor. Login to the sensor’s IP address, with the administrative credentials shown during the installation process. On the next screen – upload the activation file from the previous step. For more information and detailed steps, see the Onboarding Guide. 4. Start Exploring Now you’ve successfully installed your first sensor and you can start using the system – view the asset inventory, zoom in on the network map or generate a risk report. Conclusion Thank you for reading this blog post. There will be more blog posts to follow, which will enable you to get the best of out your system, which will include: what to do when malware is detected, connecting to Azure Sentinel, or simulating attack vectors, so please check back with us soon. Learn more with these educational resources: Watch our Ignite session showing how Azure Defender for IoT and Azure Sentinel are combined to investigate multistage attacks that cross IT/OT boundaries, using the TRITON attack on a petrochemical facility as an example. Watch our Tech Community webinar describing MITRE ATT&CK for ICS, an OT-focused version of the well-known MITRE ATT&CK framework originally developed for IT networks. Watch our SANS webinar featuring the head of Microsoft’s datacenter security program, about securing building automation systems using continuous OT security monitoring. Stay tuned for an upcoming webinar during which we’ll do a technical walkthrough of how to deploy and use Azure Defender for IoT. Troubleshooting No traffic is monitored on the sensor. Check that the monitoring port is connected to the correct ethernet port. Make sure the port is indeed a SPAN port by monitoring bandwidth on the port. For more troubleshooting, see the Network Setup Guide, Appendix 1 I cannot find a device in the Asset Inventory Make sure the device is connected to the network. Search for its MAC address in the Asset Inventory – if it is active, it will appear on the list.MainActivity.kt from the Flutter sample is all red - it works, but is it normal?
Hi team, I just played a little bit around with the Flutter https://devblogs.microsoft.com/surface-duo/get-started-with-flutter-on-surface-duo/. During the tutorial I noticed that after I copy pasted the Kotlin source, mostly everything went red aka in an error state. Please see attached screenshot. The source was still buildable and worked as expected but it's a little bit of a shock for a beginner if everything is red.
Rookie user; need help please
New user, apologies for asking for help for IF statement with several conditions. If cell value is<7, then return "purple fill" of the cell, and if cell value is 7-8:59, then return "green fill" of the cell, and if cell value is 9-12:59, then return "yellow fill" of the cell and if cell value is 13-15:59, then return "orange fill" of the cell and if cell value is >16, then return "red fill of the cell
