azure / azure-iot-security Goto Github PK
View Code? Open in Web Editor NEWSecure Azure IoT solutions end to end
License: MIT License
Secure Azure IoT solutions end to end
License: MIT License
There are important files that Microsoft projects should all have that are not present in this repository. A pull request has been opened to add the missing file(s). When the pr is merged this issue will be closed automatically.
Microsoft teams can learn more about this effort and share feedback within the open source guidance available internally.
There are some critical and high CVEs detected in the Debian 9.13 base image used to build mcr.microsoft.com/ascforiot/azureiotsecurity:1.0.6. Can this be rebuilt with Debian 11 LTS to reduce the security vulnerabilities? There are still some critical and high security vulnerabilities from 2021 detected in Debian 11 base image, but the older CVEs have been addressed. This image was scanned with Trivy, as well as the Debian 11.0 image; see attached results.
azureiotsecurity_1_0_6_trivy_results.zip
Since recently the security IoT Edge module stopped working on one specific device. The module cannot connect to the edgeHub any more. Everything else works fine on this device especially all the other modules can connect to edgeHub and send data to IoT Hub. Also on another device the same configuration works fine including the security module. The debug logs of the security module look like this:
08/31/2020 08:03:59 | CorrelationId: 8621917e-5ac9-49f9-8730-0a8822b1f7a6 | Information: Agent is initializing...
08/31/2020 08:03:59 | CorrelationId: 8621917e-5ac9-49f9-8730-0a8822b1f7a6 | Information: Using Delayed start to allow EdgeHub module to complete initialization.
08/31/2020 08:04:09 | CorrelationId: 8621917e-5ac9-49f9-8730-0a8822b1f7a6 | Debug: Gateway Host: w120edgelinuxsimatic1
08/31/2020 08:04:09 | CorrelationId: 8621917e-5ac9-49f9-8730-0a8822b1f7a6 | Debug: EdgeHub IP: 172.18.0.2
08/31/2020 08:04:09 | CorrelationId: 8621917e-5ac9-49f9-8730-0a8822b1f7a6 | Debug: Module Id: azureiotsecurity
08/31/2020 08:04:09 | CorrelationId: 8621917e-5ac9-49f9-8730-0a8822b1f7a6 | Debug: Adding hosts mapping: 172.18.0.2 w120edgelinuxsimatic1
08/31/2020 08:04:09 | CorrelationId: 8621917e-5ac9-49f9-8730-0a8822b1f7a6 | Information: Verifiying EdgeHub is reachable using Amqp
08/31/2020 08:04:09 | CorrelationId: 8621917e-5ac9-49f9-8730-0a8822b1f7a6 | Debug: Checking connection: w120edgelinuxsimatic1:5671
08/31/2020 08:06:20 | CorrelationId: 8621917e-5ac9-49f9-8730-0a8822b1f7a6 | Debug: Error: Unable To Reach: w120edgelinuxsimatic1:5671
08/31/2020 08:06:20 | CorrelationId: 8621917e-5ac9-49f9-8730-0a8822b1f7a6 | Debug: Checking connection: w120edgelinuxsimatic1:443
08/31/2020 08:08:31 | CorrelationId: 8621917e-5ac9-49f9-8730-0a8822b1f7a6 | Debug: Error: Unable To Reach: w120edgelinuxsimatic1:443
08/31/2020 08:08:31 | CorrelationId: 8621917e-5ac9-49f9-8730-0a8822b1f7a6 | Fatal: Edgehub unreachable using Amqp. Terminating Module
08/31/2020 08:08:31 | CorrelationId: f3054c41-e6cd-494b-877c-c5f25b66af22 | Information: On stop Cancellation was requested, Disposing...
08/31/2020 08:08:43 | CorrelationId: 8dafcbf0-adc3-433b-b9ab-dbde3179e7ac | Information: Agent is initializing...
08/31/2020 08:08:44 | CorrelationId: 8dafcbf0-adc3-433b-b9ab-dbde3179e7ac | Information: Using Delayed start to allow EdgeHub module to complete initialization.
08/31/2020 08:08:54 | CorrelationId: 8dafcbf0-adc3-433b-b9ab-dbde3179e7ac | Debug: Gateway Host: w120edgelinuxsimatic1
08/31/2020 08:08:54 | CorrelationId: 8dafcbf0-adc3-433b-b9ab-dbde3179e7ac | Debug: EdgeHub IP: 172.18.0.2
08/31/2020 08:08:54 | CorrelationId: 8dafcbf0-adc3-433b-b9ab-dbde3179e7ac | Debug: Module Id: azureiotsecurity
08/31/2020 08:08:54 | CorrelationId: 8dafcbf0-adc3-433b-b9ab-dbde3179e7ac | Debug: Adding hosts mapping: 172.18.0.2 w120edgelinuxsimatic1
08/31/2020 08:08:54 | CorrelationId: 8dafcbf0-adc3-433b-b9ab-dbde3179e7ac | Information: Verifiying EdgeHub is reachable using Amqp
08/31/2020 08:08:54 | CorrelationId: 8dafcbf0-adc3-433b-b9ab-dbde3179e7ac | Debug: Checking connection: w120edgelinuxsimatic1:5671
08/31/2020 08:11:04 | CorrelationId: 8dafcbf0-adc3-433b-b9ab-dbde3179e7ac | Debug: Error: Unable To Reach: w120edgelinuxsimatic1:5671
08/31/2020 08:11:04 | CorrelationId: 8dafcbf0-adc3-433b-b9ab-dbde3179e7ac | Debug: Checking connection: w120edgelinuxsimatic1:443
08/31/2020 08:13:15 | CorrelationId: 8dafcbf0-adc3-433b-b9ab-dbde3179e7ac | Debug: Error: Unable To Reach: w120edgelinuxsimatic1:443
08/31/2020 08:13:15 | CorrelationId: 8dafcbf0-adc3-433b-b9ab-dbde3179e7ac | Fatal: Edgehub unreachable using Amqp. Terminating Module
08/31/2020 08:13:15 | CorrelationId: 298a08d2-9c3b-4b8e-9d89-ef780e8c0d5e | Information: On stop Cancellation was requested, Disposing...
08/31/2020 08:13:41 | CorrelationId: f237b898-262a-4673-9e12-239560f2edc5 | Information: Agent is initializing...
08/31/2020 08:13:41 | CorrelationId: f237b898-262a-4673-9e12-239560f2edc5 | Information: Using Delayed start to allow EdgeHub module to complete initialization.
08/31/2020 08:13:51 | CorrelationId: f237b898-262a-4673-9e12-239560f2edc5 | Debug: Gateway Host: w120edgelinuxsimatic1
08/31/2020 08:13:51 | CorrelationId: f237b898-262a-4673-9e12-239560f2edc5 | Debug: EdgeHub IP: 172.18.0.2
08/31/2020 08:13:51 | CorrelationId: f237b898-262a-4673-9e12-239560f2edc5 | Debug: Module Id: azureiotsecurity
08/31/2020 08:13:51 | CorrelationId: f237b898-262a-4673-9e12-239560f2edc5 | Debug: Adding hosts mapping: 172.18.0.2 w120edgelinuxsimatic1
08/31/2020 08:13:51 | CorrelationId: f237b898-262a-4673-9e12-239560f2edc5 | Information: Verifiying EdgeHub is reachable using Amqp
08/31/2020 08:13:51 | CorrelationId: f237b898-262a-4673-9e12-239560f2edc5 | Debug: Checking connection: w120edgelinuxsimatic1:5671
08/31/2020 08:16:01 | CorrelationId: f237b898-262a-4673-9e12-239560f2edc5 | Debug: Error: Unable To Reach: w120edgelinuxsimatic1:5671
08/31/2020 08:16:01 | CorrelationId: f237b898-262a-4673-9e12-239560f2edc5 | Debug: Checking connection: w120edgelinuxsimatic1:443
08/31/2020 08:18:12 | CorrelationId: f237b898-262a-4673-9e12-239560f2edc5 | Debug: Error: Unable To Reach: w120edgelinuxsimatic1:443
08/31/2020 08:18:12 | CorrelationId: f237b898-262a-4673-9e12-239560f2edc5 | Fatal: Edgehub unreachable using Amqp. Terminating Module
I tried the following:
We are currently on version 1.0.9.4 of edgeHub and edgeAgent.
Are there any ideas what I can try to solve the issue?
Hi,
I've installed the security module on my iot edge devices so the module version available on the azure market place.
It's seems like it's working fine. I get events in the security overview and logs workspace. I'm using the default configuration.
In the logs, im able to see the security events and alerts, but I can find where are all the snapshot (OS, harwarde, systeminfo, etc)
Moreover, there is this warning often in the module logs :
09/2020 05:58:55 | CorrelationId: acc70679-8141-47e1-83cb-3b1393750f2f | Warning: Process exited with error: /bin/bash -c "chroot /host ausearch -m USER_AUTH,USER_LOGIN --input-logs --checkpoint /var/tmp/UserLoginEventGeneratorCheckpoint", exitcode=10, message=
So where can I find all the snapshots event ?
And is there something to fix about the warning ?
I am using microsoft azure portal for IoT development. I had many expectation when I opted for it. However , now I am realising that I must have gone with AWS as there is lot of technical support and clear documentation. I feel stuck everytime when I am trying to implement anything new.
I know this is not the right platform to talk this, however after seeing all the unanswered issues. I couldn't stop. I will also email this to [email protected]
Just wondering Why there is no support from Microsoft on any of it's own git repositories?
Wondering if there is any intent to use DTDL v2 to define schemas for telemetry messages and twins.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.