Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

IOT Core Device Defender Metrics "No Data Available"

0

Hi, I've been unable to get cloud side metrics visible in IoT Core Device Defender for any of my deployed devices under Manage->Things->Thing ID->Defender Metrics tab. Selecting any metric and duration always just shows "No data available"

The most important thing I'd like to see is disconnect count/duration.

I've found the page at https://docs.aws.amazon.com/iot-device-defender/latest/devguide/detect-HowToHowTo.html and followed step 2 to create a security profile using this command on the AWS console:

aws iot create-security-profile --security-profile-name my-security-profile-name --security-profile-description "My description"  --additional-metrics-to-retain-v2  ' [  {    "metric": "aws:num-messages-sent",    "exportMetric": false },{    "metric": "aws:num-messages-received",    "exportMetric": false },{    "metric": "aws:num-authorization-failures",    "exportMetric": false },{    "metric": "aws:source-ip-address",    "exportMetric": false },{    "metric": "aws:num-connection-attempts",    "exportMetric": false  },{    "metric": "aws:num-disconnects",    "exportMetric": false },{    "metric": "aws:disconnect-duration",    "exportMetric": false } ] '

I got a success response back with securityProfileArn specified, so it looks like this command worked.

I originally missed attaching the security profile, however even after doing this with

aws iot attach-security-profile --security-profile-name my-security-profile-name --security-profile-target-arn arn:aws:iot:${my-region}:${my-account-id}:all/registered-things

substituting ${my-region} and ${my-account-id} and waiting 24 hours I still see the same "No Data Available"

Is there another step I need to take which isn't outlined there? Or is there a different way I need to create a security profile in order to actually enable cloud metrics?

Topics
Internet of Things (IoT)
Tags
AWS IoT Device DefenderAWS IoT Core
Language
English
asked a year ago226 views
2 Answers
2
Accepted Answer

Thank you for providing details about your issue with AWS IoT Device Defender metrics. It seems you've taken the correct initial step by creating a security profile, but there are a few additional steps you need to take to see the cloud-side metrics for your devices.

  1. Attach the security profile: After creating the security profile, you need to attach it to your devices or device groups. You can do this using the AttachSecurityProfile action or through the AWS IoT console. Without attaching the profile, AWS IoT Device Defender won't collect metrics for your devices.

  2. Wait for data collection: After attaching the security profile, it may take some time (usually a few hours) for AWS IoT to collect and display the metrics. The metrics are not instantaneous and depend on device activity.

  3. Verify device connectivity: Ensure that your devices are actually connecting to AWS IoT Core and performing actions like publishing or subscribing to topics. If devices aren't actively communicating, there may not be any metrics to display.

  4. Check permissions: Make sure your IAM user or role has the necessary permissions to view the metrics in the AWS IoT console.

  5. Confirm metric selection: When viewing metrics in the console, ensure you've selected the correct time range and metrics you want to view.

For the disconnect count and duration metrics specifically:

  • The "aws:num-disconnects" metric should show the number of times a device disconnects from AWS IoT during a given time period.
  • The "aws:disconnect-duration" metric is a newer feature that allows you to monitor the duration of device disconnections. This can help you track the active connection status of devices and receive alerts when devices are disconnected for longer than a specified duration.

If you've completed these steps and are still not seeing any data after 24-48 hours, it would be advisable to contact AWS support for further assistance, as there may be an account-specific issue or a problem with your device configurations.
Sources
How to use AWS IoT Device Defender detect - AWS IoT Device Defender
AWS IoT Device Defender now supports monitoring of device disconnect durations
Cloud-side metrics - AWS IoT Device Defender

answered a year ago
EXPERT
reviewed a year ago
0

It took just over 24 hours for the change to take effect, but the additional step to aws iot attach-security-profile resolved the issue.

answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content