2 Answers
- Newest
- Most votes
- Most comments
0
Hi. The Connect and Disconnect events in CloudWatch contain both the sourceIp detailing the IP address of the device and the principalId detailing the ID of the device certificate. Assuming you have a unique certificate for each Thing, you can use the two certificate IDs to find the Thing names. You can do that on the console or on the command line:
aws iot list-principal-things --principal arn:aws:iot:<region>:<accountID>:cert/<principalId>
You can use Logs Insights in CloudWatch to search for all Connect and Disconnect events using the particular <clientId>. You can use a filter statement like this:
filter clientId = '<clientId>' and (eventType = 'Connect' or eventType = 'Disconnect')
0
To find dedicated disconnects caused by a duplicate clientId you can use the following filter in CloudWatch Insights:
filter disconnectReason = "DUPLICATE_CLIENTID"
KR,
Philipp
Relevant content
- asked 3 years ago
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
You may also want to consider Thing policy variables to ensure that a device can only connect using a client ID that matches the Thing name.