SHA2Verify Filter

The foglamp-filter-sha2verify plugin verifies the integrity of readings by computing a new SHA-2 hash and comparing it against the stored SHA-2 datapoint.

If a discrepancy is found, the filter can take one of the following actions:

• Label the reading as tampered by adding a status datapoint (e.g., “Tampered”).

• Remove the reading from the pipeline.

• Rename the asset to a configured name.

Additionally, a warning is logged when a tampered reading is detected. This warning is rate-limited to one warning per minute to avoid excessive logging by default.

Adding the SHA2Verify Filter

SHA2Verify filters are added in the same way as any other filters:

• SHA-2 Datapoint Name : Name of the SHA-2 datapoint

• Tamper Action : Action to take on tampering detection

• Status Datapoint Name : Name of the status datapoint when labeling

• Renamed Asset Name : New asset name if the configured action is to rename the asset.

• Log Rate Time Limit : Rate limit for logging mismatches (in minutes)

Enable the filter and click Done to activate it.