topic Re: Raspberry PI Custom Alert in Advanced Threat Prevention Discussions

Raspberry PI Custom Alert

ronald.levine — Thu, 08 May 2025 20:12:55 GMT

How do I setup a Custom Alert is IoT Security to detect a Raspberry pi device. I have the following vendor codes, and I want to setup a custom alert if a raspberry device connects to our network.

Vendor Codes

28:cd:c1

2c:cf:67

B8:27:be

D8:3a:dd

dc:a6:32

e4:5f:01

Re: Raspberry PI Custom Alert

aimee64jones — Thu, 16 Apr 2026 12:01:58 GMT

To set up a custom alert in IoT Security for detecting Raspberry Pi devices, you can create a rule that triggers whenever a device connects with a MAC address starting with one of the known Raspberry Pi vendor codes. In practice, this means defining a custom detection policy that looks for the listed OUIs (`28:cd:c1`, `2c:cf:67`, `b8:27:be`, `d8:3a:dd`, `dc:a6:32`, `e4:5f:01`) and then configuring an alert action so that whenever a device with these prefixes appears on your network, IoT Security will raise a notification. This approach ensures you can quickly identify and respond to Raspberry Pi devices joining your environment.