A Two-Stage Agent-based Framework for Network Attack Detection And Categorization in IoT

Nguyễn Huy Trung

This paper presents a method for detecting network attacks targeting resource-constrained IoT devices through the deployment of a lightweight software agent directly on such devices. The proposed agent is cross-platform, capable of being installed on heterogeneous IoT devices, and is designed to collect operational data from the device, including system calls, memory usage, CPU usage, process identifiers (PID), process hashes, packet captures (PCAP), open ports, bandwidth utilization, and system messages. The agent incorporates a data filtering mechanism to eliminate records that do not exhibit abnormal behavior, thereby reducing processing overhead. The collected data is then analyzed and processed to identify potential network attacks. The proposed solution enables the acquisition of both system-level and network-level data from resource-limited IoT devices, facilitating efficient attack detection and significantly reducing the likelihood of successful cyberattacks on such devices.

Published in:

A Two-Stage Agent-based Framework for Network Attack Detection And Categorization in IoT


Publisher:

Location:


Keywords:

Network Attack Detection, Agent IoT, Resource-Constrained IoT Devices, Multi-Level Data.