Review device security baseline recommendations
A baseline establishes standard behavior for each device and makes it easier to establish unusual behavior or deviation from expected norms. Baseline custom checks establish a custom list of checks for each device baseline using the Module identity twin of the device.
Setting baseline properties
- In your IoT Hub, locate and select the device you wish to change.
- Select on the device, and then select the azureiotsecurity module.
- Select Module Identity Twin.
- Upload the baseline custom checks file to the device.
- Add baseline properties to the security module and select Save.
Baseline custom check file example
To configure baseline custom checks:
"desired": {
"ms_iotn:urn_azureiot_Security_SecurityAgentConfiguration": {
"baselineCustomChecksEnabled": {
"value" : true
},
"baselineCustomChecksFilePath": {
"value" : "/home/user/full_path.xml"
},
"baselineCustomChecksFileHash": {
"value" : "#hashexample!"
}
}
},
Baseline custom check properties
Name
Status
Valid values
Default values
Description
baselineCustomChecksEnabled
Required: true
Valid values: Boolean
Default value: false
Max time interval before high priority messages is sent.
baselineCustomChecksFilePath
Required: true
Valid values: String, null
Default value: null
Full path of the baseline xml configuration.
baselineCustomChecksFileHash
Required: true
Valid values: String, null
Default value: null
sha256sum of the xml configuration file. Use the sha256sum reference for additional information.