Hi all,
I'm currently running the Azure IoT Defender Micro Agent on a Yocto-based image (STM32MP1), and although the logs suggest the agent is working and sending data, no Defender metrics are visible in the Azure IoT Hub portal under Defender Metrics.
Setup Details:
Platform: STM32MP1 with Yocto Linux
Transport: AMQP
IoT Hub connection: Successful
Cloud messages: send_confirm_callback success and device twin updates with result 200
Collectors enabled: SBoM, NetworkActivity, Heartbeat, LogCollector, Process, FileSystem, Peripheral, Baseline, etc.
Observations:
Logs show telemetry batching with message sizes up to 101KB.
Agent attempts to read common paths like /etc/crontab fail with errno=[2] (file not found), which is expected given it's an embedded system.
Repeated logs like Failed to stat() on=/proc/[pid]/cmdline, not sure if it's a blocker.
Main Issue:
Even though the agent appears to be collecting data and successfully sending messages, the Defender Metrics tab in the IoT Hub Portal remains empty, making it hard to verify if Defender is actively evaluating device risk or just accepting telemetry blindly.
Questions:
Does IoT Hub Defender require a full Linux environment with tools like dmidecode, /boot/grub/grub.cfg, or cron directories to process and display metrics?
Are there any known limitations with Yocto-based minimal images that prevent Defender metrics from showing in the IoT Hub portal?
Is there a way to validate if metrics are actually reaching and being processed by the Defender backend beyond the send_confirm_callback log?
Any insights or guidance would be greatly appreciated.
Thanks in advance!
