Редагувати

DMI Decoder configurations

  • Стаття

This article explains how to configure the DMI decoder, and alternative configurations for devices that do not support it.

Overview

The Microsoft Defender for IoT Device inventory provides an overview of all IoT devices in your environment. The device inventory table can be customized to your preferences by adding or removing information fields, and filtering the fields.

The DMI decoder is used to retrieve data on the hardware and firmware of the device.

Retrieved fields are:

  • Firmware vendor
  • Firmware version
  • Hardware model
  • Hardware serial number
  • Hardware vendor

For more information on the DMI Decoder, see dmidecode(8): DMI table decoder - Linux man page (die.net).

Populate SMBIOS tables for dmidecode

To support dmidecode(8), SMBIOS tables needs to be present and valid. To implement, please refer to the System Management BIOS specifications.

Alternative configurations

For devices that do not support the DMI decoder, there are two alternative options for retrieving and setting the firmware and hardware fields:

JSON file

To manually set the values on the device, create a JSON file. The micro agent will read the values from the JSON file and send them to the cloud.

To configure the file, use the following path and format details:

  • Path:

        /etc/defender_iot_micro_agent/sysinfo.json

  • Format:

        "HardwareVendor": "<hardware vendor>", 
    "HardwareModel": "<hardware model>",
    "HardwareSerialNumber": "<hardware serial number>", 
    "FirmwareVendor": "<firmware vendor>", 
    "FirmwareVersion": "<firmware version>"

Module twin configurations

To manually set the values on the cloud, use the module twin configuration by setting the following properties:

    “properties”:{
        “desired”:{
                    “SystemInformation_HardwareVendor”: ”<data>”,
                    “SystemInformation_HardwareModel”: ”<data>”,
                    “SystemInformation_FirmwareVendor”: ”<data>”,
                    “SystemInformation_ FirmwareVersion”: ”<data>”,
                    “SystemInformation_HardwareSerialNumber”: ”<data>”
        }
    }

Next steps

Configure Microsoft Defender for IoT agent-based solution

Configure pluggable Authentication Modules (PAM) to audit sign-in events (Preview)