Platform Update - Access Key Improvements, Datadog Workflow Node

Today’s product release adds several security and usability improvements to access keys; a workflow integration with Datadog’s logging service; and many additional enhancements.

IP-Restricted Broker Access

Losant’s access keys serve as the primary authentication mechanism for connecting clients to our MQTT broker, establishing a bidirectional link between your IoT devices and our cloud platform. Starting today, broker connections can be restricted to specific IP addresses with those restrictions defined at the access key level.

Each key accepts a whitelist (allow ONLY) or a blacklist (allow all EXCEPT) of IP addresses or CIDR ranges that the broker evaluates against incoming connections using that key. Authentication requests from an IP address that violates the key’s rules will fail and the device will not connect.

A great use case for this feature is a fielded, inaccessible device that you would like to retire in favor of another device using the same ID. By restricting the IP address of the original device’s access key, you can prevent that hardware from connecting and causing the new device’s broker connection to be terminated.

Additional Access Key Enhancements

Today’s release includes several additional usability improvements for access keys:

• The user interface now supports finding keys through advanced query — which allows for quickly finding all keys tied to a specific device ID, or all keys with permission to publish to a specific MQTT topic.
• We’ve added an optional “Name” field that can be added to new or existing keys, bringing access keys more in line with other Losant application resources and allowing for quick scanning and querying of keys by a short, human-readable value.
• Starting today, access keys will display information on who or what created the key (for all new keys), as well as who or what last modified the key.

In large applications with thousands of devices, access key management can be burdensome as keys are rotated out or devices are retired. Today’s release should make that process much simpler for Losant’s users.

Datadog Workflow Node

Today’s release also adds a Datadog Logs: Write Node, allowing users to record application activity to the popular observability and security platform.

Many of our users have built their own custom node wrappers for reporting edge device metrics and experience user requests to Datadog, so we decided to create a first-class workflow node for sending messages to their service. Cloud-executed workflows use a corresponding service credential for authentication; edge workflows require inputting your hostname and API key inline.

This new node should make it even easier for Losant developers to integrate their applications with this popular service. Similar to the Loggly: Write Node, the Datadog Logs: Write Node allows for sending unstructured, high-throughput data for monitoring several aspects of your Losant application. You can then query that data within Datadog’s interface for advanced tracking of user and device activity.

Other Updates

As always, this release comes with other features and improvements, including:

• Jupyter notebooks can now accept application files as inputs to the runtime environment. While it was possible to reference public files as an external URL previously, this feature allows for pulling in the content of private files as well.
• Workflow debug streams now accept a filter expression for limiting the messages that appear in the stream. The expression is evaluated against every debug payload and only expressions that return truthy will be published. This is a great tool for quickly narrowing output to a specific case when debugging workflow behavior.
• As an enhancement to our previous release, we’ve added the option not to track event tag updates when creating an event. This solves an issue for users who were pushing more than 100 tag updates onto an event over the course of its lifecycle and running into maximum update limits.
• When exporting events, we’ve added an option to only output current event data and ignore all update history. This can greatly reduce file size and make CSVs more consumable if event history is not needed for the export.

What’s Next?

With every new release, we listen to your feedback. By combining your suggestions with our roadmap, we can continue to improve the platform while maintaining its ease of use. Let us know what you think in the Losant Forums.