AAA_DIAGNOSTICS_VIEW
Provides details of all network sessions between Cisco ISE and users. Use iseql.py "SELECT view_name FROM user_views ORDER BY view_name ASC" to get all the tables or views that you have access to.
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| SESSION_ID | VARCHAR2 | Shows the session ID |
| ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
| USERNAME | VARCHAR2 | Displays the username |
| MESSAGE_SEVERITY | VARCHAR2 | Displays the severity of message |
| MESSAGE_CODE | VARCHAR2 | Displays the message code |
| MESSAGE_TEXT | VARCHAR2 | Displays the message text |
| CATEGORY | VARCHAR2 | Displays the category |
| INFO | VARCHAR2 | Displays the diagnostic info |
ADAPTER_STATUS
Adapter Status Report
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| STATUS | VARCHAR2 | Specifies the adapter status |
| ID | VARCHAR2 | Unique database ID |
| ADAPTER_NAME | VARCHAR2 | Specifies the adapter name |
| CONNECTIVITY | VARCHAR2 | Specifies the connectivity |
ADAPTIVE_NETWORK_CONTROL
The Adaptive Network Control Audit report is based on the RADIUS accounting. It displays historical reporting of all network sessions for each endpoint
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| ENDPOINT_ID | VARCHAR2 | Specifies the endpoint ID |
| ID | NUMBER | Unique Database ID |
| IP_ADDRESS | VARCHAR2 | Specifies the IP address |
| IPV6_ADDRESS | VARCHAR2 | Specifies the IPV6 IP address |
| OPERATION_TYPE | VARCHAR2 | Specifies the operation type |
| OPERATION_STATUS | VARCHAR2 | Specifies the operation status |
| AUDIT_SESSION | VARCHAR2 | Specifies the audit session |
| ADMIN_IDENTITY | VARCHAR2 | Specifies the admin identity |
| ADMIN_IP | VARCHAR2 | Specifies the admin IP |
| ISE_NODE | VARCHAR2 | Specifies the ISE node |
ADMINISTRATOR_LOGINS
Gives the data about the administrator logins to the ISE
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when administrator logged in |
| TIMESTAMP | TIMESTAMP(6) | Time when administrator logged in |
| ISE_NODE | VARCHAR2 | Hostname of ISE node |
| ADMIN_NAME | VARCHAR2 | Name of the admin |
| IP_ADDRESS | VARCHAR2 | IP address of the client from where the admin logged in |
| IPV6_ADDRESS | VARCHAR2 | IPV6 address |
| INTERFACE | VARCHAR2 | Interface used for login GUI/CLI |
| ADMIN_SESSION | VARCHAR2 | admin session |
| EVENT_DETAILS | VARCHAR2 | Details of the event |
| EVENT | VARCHAR2 | Admin logged in or logged out |
ADMIN_USERS
This provides details of all the administrators of ISE
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | VARCHAR2 | Database unique ID |
| STATUS | VARCHAR2 | Admin user is enabled or disabled |
| NAME | VARCHAR2 | Name of the admin user |
| DESCRIPTION | VARCHAR2 | Description |
| FIRST_NAME | VARCHAR2 | First name of the admin user |
| LAST_NAME | VARCHAR2 | Last name of the admin user |
| EMAIL_ADDRESS | VARCHAR2 | Email address of the admin user |
| ADMIN_GROUP | VARCHAR2 | Group to which admin user belongs |
AUP_ACCEPTANCE_STATUS
Track all accepted and denied AUP connections
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | NUMBER | Database unique ID |
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| MESSAGE_CODE | VARCHAR2 | Message code |
| USERNAME | VARCHAR2 | User name |
| IP_ADDRESS | VARCHAR2 | IP address of the endpoint |
| MAC_ADDRESS | VARCHAR2 | MAC address of the endpoint |
| PORTAL_NAME | VARCHAR2 | Portal name |
| AUP_ACCEPTANCE | VARCHAR2 | AUP acceptance status |
| FIRST_NAME | VARCHAR2 | First name of user |
| LAST_NAME | VARCHAR2 | Last name of user |
| IDENTITY_GROUP | VARCHAR2 | Identity group |
| EMAIL_ADDRESS | VARCHAR2 | Email address of user |
| PHONE_NUMBER | VARCHAR2 | Phone number of user |
| COMPANY | VARCHAR2 | Company of user |
| IDENTITY_STORE | VARCHAR2 | Identify store |
| NAD_ADDRESS | VARCHAR2 | IP address of NAD |
| NAS_IP_ADDRESS | VARCHAR2 | IP address of NAS |
| USER_DETAILS | VARCHAR2 | Details of the user |
AUTHORIZATION_PROFILES
Displays all existing authorization profiles
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAME | VARCHAR2 | Name of the authorization profiles |
| DESCRIPTION | VARCHAR2 | Description of the authorization profiles |
CHANGE_CONFIGURATION_AUDIT
Displays the configuration audit data
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | NUMBER | Database unique ID |
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| ISE_NODE | VARCHAR2 | Hostname of ISE node |
| MESSAGE_CODE | VARCHAR2 | Message code |
| ADMIN_NAME | VARCHAR2 | Name of the admin who made config change |
| NAS_IP_ADDRESS | VARCHAR2 | IP address of NAD |
| NAS_IPV6_ADDRESS | VARCHAR2 | IPV6 address of NAD |
| INTERFACE | VARCHAR2 | Interface used for login GUI/CLI |
| OBJECT_NAME | VARCHAR2 | Name of object for which config is changed |
| OBJECT_TYPE | VARCHAR2 | Type of object for which config is changed |
| MESSAGE_CLASS | VARCHAR2 | Message class |
| EVENT | VARCHAR2 | Config change done |
| REQUESTED_OPERATION | VARCHAR2 | Operation done |
| OPERATION_MESSAGE_TEXT | VARCHAR2 | Operation details |
| HOST_ID | VARCHAR2 | Hostname of ISE node on which change is done |
| REQUEST_RESPONSE_TYPE | VARCHAR2 | Type of request response |
| FAILURE_FLAG | VARCHAR2 | Failure flag |
| MODIFIED_PROPERTIES | CLOB | Modified properties |
| DETAILS | VARCHAR2 | Details of the event |
| OBJECT_ID | VARCHAR2 | Object ID |
| APPLIED_TO_ACS_INSTANCE | VARCHAR2 | ISE nodes to which change is applied |
| LOCAL_MODE | NUMBER | Local mode |
COA_EVENTS
Log of change of authorization issued based on threat events received from various adapters
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| COA_EVENT_ID | VARCHAR2 | Specifies the COA event ID |
| COA_STATUS | VARCHAR2 | Specifies the COA status |
| CALLING_STATION_ID | VARCHAR2 | Specifies the calling station ID |
| IP_ADDRESS | VARCHAR2 | Specifies the IP address |
| USERNAME | VARCHAR2 | Specifies the user name |
| NEW_AUTHZ_RULE | VARCHAR2 | Specifies the Network Authorization Rule |
| OLD_AUTHZ_PROFILE | VARCHAR2 | Specifies the old Authorization profile |
| NEW_AUTHZ_PROFILE | VARCHAR2 | Specifies the new Authorization profile |
| VENDOR_NAME | VARCHAR2 | Specifies the vendor name |
| INCIDENT_TYPE | VARCHAR2 | Specifies the incident type |
| THREAT_EVENTS | VARCHAR2 | Specifies the threat events |
| OPERATION_MESSAGE_TEXT | VARCHAR2 | Specifies the operation message text |
ENDPOINTS_DATA
Collection of all data related to endpoint that ISE collects
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ENDPOINT_POLICY_ID | VARCHAR2 | Specifies the unique ID of the endpoint policy used |
| MATCHED_POLICY_ID | VARCHAR2 | Specifies the ID of profiling used |
| NMAP_SUBNET_SCANID | NUMBER | NMAP subnet can ID of end points |
| PORTAL_USER | VARCHAR2 | Specifies the portal user |
| AUTH_STORE_ID | VARCHAR2 | Specifies the auth store ID |
| DEVICE_REGISTRATIONS_STATUS | NUMBER | Specifies if device is registered |
| REG_TIMESTAMP | NUMBER | Specifies the registered timestamp |
| POSTURE_APPLICABLE | NUMBER | Specifies if Posture is Applicable |
| CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time when record added |
| UPDATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time when record last updated |
| PROFILE_SERVER | VARCHAR2 | Specifies the ISE node that profiled the endpoint |
| BYOD_REG | VARCHAR2 | Specifies the BYOD Registration status |
| HOSTNAME | VARCHAR2 | Specifies the hostname of the endpoint |
| VERSION | NUMBER | Specifies the version |
| POSTURE_EXPIRY | VARCHAR2 | Specifies the posture expiry |
| NATIVE_UDID | VARCHAR2 | Endpoint native UDID |
| PHONE_ID | VARCHAR2 | Endpoint phone ID |
| PHONE_ID_TYPE | VARCHAR2 | Endpoint phone ID type |
| MDM_SERVER_ID | VARCHAR2 | Endpoint MDM server ID |
| UNIQUE_SUBJECT_ID | VARCHAR2 | Endpoint subject ID |
| MDM_GUID | VARCHAR2 | Endpoint MDM GUID |
| ENDPOINT_UNIQUE_ID | VARCHAR2 | Endpoint unique ID |
| ENDPOINT_ID | VARCHAR2 | Specifies the EPID of the endpoint |
| PROBE_DATA | VARCHAR2 | Specifies all the probe data acquired during profiling. When using Splunk, the PROBE_DATA column may display binary-encoded data streams (compressed and non-printable characters). |
| CUSTOM_ATTRIBUTES | VARCHAR2 | Specifies the custom attributes |
| ID | VARCHAR2 | Database unique ID |
| MAC_ADDRESS | VARCHAR2 | Specifies MAC address of the endpoint |
| ENDPOINT_POLICY | VARCHAR2 | Specifies the profiling policy under which endpoint got profiled |
| STATIC_ASSIGNMENT | VARCHAR2 | Specifies the endpoint static assignment status |
| STATIC_GROUP_ASSIGNMENT | VARCHAR2 | Specifies if endpoint statically assigned to user identity group |
| IDENTITY_GROUP_ID | VARCHAR2 | Specifies the unique ID of the User identity Group the endpoint belongs to |
| ENDPOINT_IP | VARCHAR2 | Specifies the IP address of the endpoint |
| ENDPOINT_POLICY_VERSION | NUMBER | The version of endpoint policy used |
| MATCHED_VALUE | VARCHAR2 | Matched Certainty Factor |
The following attributes in the Endpoints_Data view are updated in real time:
- ENDPOINT_POLICY
- MATCHED_VALUE
- STATIC_ASSIGNEMENT
- STATIC_GROUP_ASSIGNMENT
- IDENTITY_GROUP_ID
- MATCHED_POLICY_ID
- NMAP_SUBNET_SCAN_ID
- PORTAL_USER
- POSTURE_APPLICABLE
- DEVICE_REG_STATUS
- BYOD_REGISTERED
- HOST_NAME
- DEVICE_IDENTIFIER
- UNIQUE_SUBJECT_ID
- EPID
- ANOMALOUS_BEHAVIOUR
- AUP_ACCEPTED
- LAST_AUP_ACCEPTED_TIMESTAMP
- MDM_MANUFACTURER
- MDM_MODEL
- MDM_PROVIDER
- MDM_SERVER_ID
- MDM_SERVER_NAME
- MDMIMEI
- PHONE_ID
- PHONE_ID_TYPE
- MDM_SERIAL_NUM
- MDM_OS_VERSION
- MDM_PHONE_NUM
- MDM_ENROLLED
- MDM_COMPLIANT
- MDM_COMPLIANT_FAILURE_REASON
- MDM_DISKENCRYPTED
- MDM_JAILBROKEN
- MDM_SERVERREACHABLE
- MDM_PINLOCKSET
- MDM_LASTCHECKIN_TIMESTAMP
- MDM_UPDATETIMESTAMP
- MDM_USER_NOTIFIED
- MDM_GUID
The other attributes will be synchronized with a delay of up to 12 hours.
ENDPOINT_IDENTITY_GROUPS
This will provide details of all the endpoint identity groups
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | VARCHAR2 | Database unique ID |
| NAME | VARCHAR2 | Name |
| DESCRIPTION | VARCHAR2 | Description |
| CREATED_BY | VARCHAR2 | Name of the user |
| CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time of creation |
| UPDATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time of updating |
| STATUS | VARCHAR2 | Active/Inactive |
ENDPOINT_PURGE_VIEW
Enables the user to review the history of endpoints purge activities
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ENDPOINT_PURGE_ID | VARCHAR2 | Endpoint purge ID |
| RUN_TIME | TIMESTAMP(6) | Run time |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| PROFILER_SERVER | VARCHAR2 | Profiler server |
| ENDPOINT_PURGE_RULE | VARCHAR2 | Endpoint purge rule |
| ENDPOINT_COUNT | NUMBER | Number of endpoints |
| ID | NUMBER | Database unique ID |
EXT_ID_SRC_ACTIVE_DIRECTORY
List of Active Directory Identity Stores
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAME | VARCHAR2 | Name of active directory |
EXT_ID_SRC_CERT_AUTH_PROFILE
List of Certificate Authentication Profiles
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAME | VARCHAR2 | Name of Certificate Authentication Profile |
| DESCRIPTION | VARCHAR2 | Description of Certificate Authentication Profile |
EXT_ID_SRC_LDAP
List of LDAP Identity Sources
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAME | VARCHAR2 | Name of LDAP Identity Store |
| DESCRIPTION | VARCHAR2 | Description of LDAP Identity Store |
EXT_ID_SRC_ODBC
List of ODBC Identity Sources
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAME | VARCHAR2 | Name of ODBC Identity Store |
| DESCRIPTION | VARCHAR2 | Description of ODBC Identity Store |
EXT_ID_SRC_RADIUS_TOKEN
List of RADIUS Token Identity Sources
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAME | VARCHAR2 | Name of RADIUS Token Identity Sources |
| DESCRIPTION | VARCHAR2 | Description of RADIUS Token Identity Sources |
EXT_ID_SRC_REST
List of REST ID Stores
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAME | VARCHAR2 | Name of REST ID store |
| DESCRIPTION | VARCHAR2 | Description of REST ID store |
EXT_ID_SRC_RSA_SECURID
List of RSA SecurID Identity Sources
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAME | VARCHAR2 | Name of RSA SecurID Identity Sources |
EXT_ID_SRC_SAML_ID_PROVIDERS
List of SAML Identity Providers
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAME | VARCHAR2 | Name of SAML Identity Providers |
| DESCRIPTION | VARCHAR2 | Description of SAML Identity Providers |
EXT_ID_SRC_SOCIAL_LOGIN
List of Social Login Identity Stores
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAME | VARCHAR2 | Name of Social Login Identity Store |
| DESCRIPTION | VARCHAR2 | Description of Social Login Identity Store |
FAILURE_CODE_CAUSE
Provides details of various failure causes and respective codes
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| FAILURE_CODE | VARCHAR2 | Specifies the failure code |
| FAILURE_CAUSE | VARCHAR2 | Specifies the failure cause |
GUEST_ACCOUNTING
Details of all users assigned to guest identity groups appear in this report
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| IDENTITY | VARCHAR2 | Specifies the identity of the user |
| TIME_SPENT | VARCHAR2 | Specifies the time spent |
| LOGGED_IN | VARCHAR2 | Specifies the logged in time |
| LOGGED_OUT | VARCHAR2 | Specifies the logged out time |
| ENDPOINT_ID | VARCHAR2 | Specifies the endpoint ID |
| IP_ADDRESS | VARCHAR2 | Specifies the IP address |
GUEST_DEVICELOGIN_AUDIT
Tracks login activity by employees at the my device portal and device related operation performed by the users in the my device portal
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| USER_DETAILS | VARCHAR2 | Details of the user |
| PORTAL_NAME | VARCHAR2 | Name of guest portal used |
| DEVICE_NAME | VARCHAR2 | Name of device used |
| DEVICE_DETAILS | VARCHAR2 | Details of the device |
| MAC_ADDRESS | VARCHAR2 | MAC address of Device |
| IP_ADDRESS | VARCHAR2 | IP address of Device |
| OPERATION | VARCHAR2 | Operation that the user performed |
| RESULT | VARCHAR2 | Status of the user operation |
| FAILURE_REASON | VARCHAR2 | Specifies the failure reason |
| AUTH_IDENTITY_STORE | VARCHAR2 | Specifies the authentication identity store |
| SERVER | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
| LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| USERNAME | VARCHAR2 | User name of user |
| MESSAGE_CODE | VARCHAR2 | Syslog message code |
| FIRST_NAME | VARCHAR2 | First Name of user |
| LAST_NAME | VARCHAR2 | Last Name of user |
| IDENTITY_GROUP | VARCHAR2 | Identity group to which users belongs to |
| EMAIL_ADDRESS | VARCHAR2 | Email address of the user |
| PHONE_NUMBER | VARCHAR2 | Phone Number of user |
| COMPANY | VARCHAR2 | Company of the user |
| STATIC_ASSIGNMENT | VARCHAR2 | Specifies the endpoint static assignment status |
| ENDPOINT_PROFILER_SERVER | VARCHAR2 | ISE node which profiled the endpoint |
| NAD_ADDRESS | VARCHAR2 | IP address of NAD |
| NAS_IP_ADDRESS | VARCHAR2 | IP address of NAS |
| IDENTITY_STORE_NAME | VARCHAR2 | Specifies the name of the identity store |
| IDENTITY_STORE_GUID | VARCHAR2 | ID of Identity store in which user belongs |
| DESCRIPTION | VARCHAR2 | Description of user |
KEY_PERFORMANCE_METRICS
It will provides details of key performance metrics like average TPS, average load etc.,
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| LOGGED_TIME | TIMESTAMP(6) | Time data is collected |
| ISE_NODE | VARCHAR2 | ISE Node in deployment |
| RADIUS_REQUESTS_HR | NUMBER | Number of radius requests per hour for selected PSN server |
| LOGGED_TO_MNT_HR | NUMBER | Number of requests logged to MNT database for selected PSN server |
| NOISE_HR | NUMBER | Calculated as difference between radius requests and logged to MnT per hour |
| SUPPRESSION_HR | NUMBER | Calculated as percentage of Noise w.r.t. radius requests per hour for selected PSN server |
| AVG_LOAD | NUMBER | Average server load for selected server |
| MAX_LOAD | NUMBER | Maximum server load for selected server |
| AVG_LATENCY_PER_REQ | NUMBER | Average latency per radius request for selected PSN server |
| AVG_TPS | NUMBER | Average transactions per second |
LOGICAL_PROFILES
Displays all the logical profiles that exist along with their assigned policies
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| LOGICAL_PROFILE | VARCHAR2 | Name of logical Profile |
| SYSTEM_TYPE | VARCHAR2 | Type of logical profile like admin created or Cisco provided |
| DESCRIPTION | VARCHAR2 | Description |
| ASSIGNED_POLICIES | VARCHAR2 | Profiling policy assigned to logical profile. |
MISCONFIGURED_NAS_VIEW
Provides information about NADs with inaccurate accounting frequency typically when sending accounting information frequently
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| MESSAGE_TEXT | VARCHAR2 | Displays the message text |
| ID | NUMBER | Database unique ID |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
| MESSAGE_CODE | NUMBER | Displays the message code |
| NAS_IP_ADDRESS | VARCHAR2 | IP address of NAS |
| CALLING_STATION_ID | VARCHAR2 | Calling station ID |
| DETAIL_INFO | VARCHAR2 | Displays the detailed info |
| FAILED_ATTEMPTS | VARCHAR2 | Failed attempts |
| FAILED_TIMES | VARCHAR2 | Failed times |
| OTHER_ATTRIBUTES | CLOB | Other attributes |
| NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| FAILED_TIMES_HOURS | VARCHAR2 | Failed times in hours |
MISCONFIGURED_SUPPLICANTS_VIEW
Provides a list of mis-configured supplicants along with the statistics due to failed attempts that are performed by a specific supplicant
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAS_IP_ADDRESS | VARCHAR2 | IP address of NAS |
| NAS_PORT_ID | VARCHAR2 | NAS port ID |
| NAS_PORT_TYPE | VARCHAR2 | NAS port type |
| SELECTED_AUTHORIZATION_PROFILES | VARCHAR2 | Authorization profile used after authentication |
| POSTURE_STATUS | VARCHAR2 | Posture status |
| SECURITY_GROUP | VARCHAR2 | Security group |
| FAILURE_REASON | VARCHAR2 | Failure reason |
| RESPONSE | VARCHAR2 | Displays the response |
| EXECUTION_STEPS | VARCHAR2 | Execution steps |
| OTHER_ATTRIBUTES | BLOB | Other attributes |
| RESPONSE_TIME | NUMBER | Response time |
| PASSED | NUMBER | Passed flag |
| FAILED | NUMBER | Failed flag |
| CREDENTIAL_CHECK | VARCHAR2 | Credential check |
| ENDPOINT_PROFILE | VARCHAR2 | Endpoint matched profile |
| MDM_SERVER_NAME | VARCHAR2 | MDM server name |
| NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
| MESSAGE_TEXT | VARCHAR2 | Displays the message text |
| FRAMED_IPV6_ADDRESS | VARCHAR2 | Framed IPV6 address |
| ID | NUMBER | Database unique ID |
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
| MESSAGE_CODE | NUMBER | Displays the message code |
| USERNAME | VARCHAR2 | User's claimed identity |
| USER_TYPE | VARCHAR2 | User type |
| CALLING_STATION_ID | VARCHAR2 | Calling station ID |
| ACCESS_SERVICE | VARCHAR2 | Access service |
| FRAMED_IP_ADDRESS | VARCHAR2 | Framed IP address |
| IDENTITY_STORE | VARCHAR2 | Identity store |
| IDENTITY_GROUP | VARCHAR2 | Identity group |
| AUDIT_SESSION_ID | VARCHAR2 | Unique numeric string identifying the server session |
| AUTHENTICATION_METHOD | VARCHAR2 | Authentication method |
| AUTHENTICATION_PROTOCOL | VARCHAR2 | Authentication protocol |
| SERVICE_TYPE | VARCHAR2 | The Type of Service the user has requested |
| NETWORK_DEVICE_NAME | VARCHAR2 | Network device name |
| DEVICE_TYPE | VARCHAR2 | Device type |
| LOCATION | VARCHAR2 | Location |
NETWORK_ACCESS_USERS
List of all the internal users in ISE
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | VARCHAR2 | Database ID of Internal User |
| STATUS | VARCHAR2 | Enabled or Disabled |
| USERNAME | VARCHAR2 | Name of User |
| DESCRIPTION | VARCHAR2 | Description of User |
| FIRST_NAME | VARCHAR2 | First Name of User |
| LAST_NAME | VARCHAR2 | Last Name of User |
| EMAIL_ADDRESS | VARCHAR2 | Email Address of User |
| IDENTITY_GROUP | VARCHAR2 | List of Identity Group ID to which user belongs |
| IS_ADMIN | VARCHAR2 | Shows if user is admin |
| ALLOW_PASSWORD_CHANGE_AFTER_LOGIN | NUMBER | Specifies if password change is allowed after login |
| CURRENT_SUCCESSFUL_LOGIN_TIME | VARCHAR2 | Specifies the current successful login time |
| LAST_SUCCESSFUL_LOGIN_TIME | VARCHAR2 | Specifies the last successful login time |
| LAST_UNSUCCESSFUL_LOGIN_TIME | VARCHAR2 | Specifies the last unsuccessful login time |
| SUCCESS_LOGIN_IPADDRESS | VARCHAR2 | Specifies the success login IP address |
| FAILED_LOGIN_IPADDRESS | VARCHAR2 | Specifies the failed login IP address |
| EXPIRY_DATE_ENABLED | NUMBER | Specifies the expiry date enabled |
| EXPIRY_DATE | NUMBER | Specifies the expiry date |
| ACCOUNT_NAME_ALIAS | VARCHAR2 | Specifies the account name alias |
| PASSWORD_LAST_UPDATED_ON | NUMBER | Specifies when the password was last updated |
| PASSWORD_NEVER_EXPIRES | NUMBER | Specifies if the password expired or not |
| ALARM_EMAILABLE | NUMBER | Specifies if the user receives system alarms |
NETWORK_DEVICES
Gives the network device information which is configured in ISE
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | VARCHAR2 | Database unique ID |
| NAME | VARCHAR2 | Name |
| IP_MASK | VARCHAR2 | IP address/mask |
| PROFILE_NAME | VARCHAR2 | Name of the profile |
| LOCATION | VARCHAR2 | Device location |
| TYPE | VARCHAR2 | Device type |
NETWORK_DEVICE_GROUPS
This provides details of all the network device groups
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | VARCHAR2 | Database unique ID |
| NAME | VARCHAR2 | Name |
| DESCRIPTION | VARCHAR2 | Description |
| CREATED_BY | VARCHAR2 | Name of the user |
| CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time of creation |
| UPDATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time of updating |
| ACTIVE_STATUS | VARCHAR2 | Active/Inactive |
NODE_LIST
Provide information of all the nodes of deployment
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| HOSTNAME | VARCHAR2 | Hostname |
| NODE_TYPE | VARCHAR2 | Personas enabled on the node |
| GATEWAY | VARCHAR2 | Default gateway configured |
| NODE_ROLE | VARCHAR2 | Standalone or multi-node |
| ACTIVE_STATUS | VARCHAR2 | Active/Inactive |
| REPLICATION_STATUS | VARCHAR2 | Status of replication |
| PDP_SERVICES | VARCHAR2 | Services enabled on the node |
| HOST_ALIAS | VARCHAR2 | FQDN |
| CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time of creation of record |
| UPDATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time of updating |
| XGRID_ENABLED | NUMBER | PxGrid enabled status |
| XGRID_PEER | VARCHAR2 | PxGrid peer |
| UDI_PID | VARCHAR2 | Product Identifier |
| UDI_VID | VARCHAR2 | Version Identifier |
| UDI_SN | VARCHAR2 | Serial Number |
| UDI_PT | VARCHAR2 | Node type virtual or physical |
| PATCH_VERSION | VARCHAR2 | Patch version |
| PIC_NODE | NUMBER | PIC node |
| INSTALLATION_TYPE | VARCHAR2 | Installation type |
| VM_INFO | VARCHAR2 | Virtual machine details |
| API_NODE | NUMBER | API node |
OPENAPI_OPERATIONS
Provides details about any configuration changes or data access performed using the OpenAPI framework
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| LOGGED_AT | TIMESTAMP(6) | Time when record logged |
| MESSAGE_TEXT | VARCHAR2 | Displays the message text |
| REQUEST_TIME | TIMESTAMP(6) WITH TIME ZONE | Displays the request time |
| REQUEST_NAME | VARCHAR2 | Displays the request name |
| HTTP_METHOD | VARCHAR2 | Displays the http method |
| REQUEST_ID | VARCHAR2 | Displays the request ID |
| REQUEST_BODY | VARCHAR2 | Displays the request body |
| RESPONSE | VARCHAR2 | Displays the response |
| HTTP_CODE | NUMBER | Displays the http code |
| HTTP_STATUS | VARCHAR2 | Displays the http status |
| ERROR_MESSAGE | VARCHAR2 | Displays the error if any |
| SERVER | VARCHAR2 | Displays the ISE hostname |
| RESPONSE_DURATION | NUMBER | Displays the response duration |
| CLIENT_IP | VARCHAR2 | Displays the client IP address |
| ADMINISTRATOR | VARCHAR2 | Displays the admin name |
POLICY_SETS
Provides a list of all policy sets currently configured in the system
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | VARCHAR2 | Database unique ID |
| CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time when record was created |
| UPDATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time when record was last updated |
| POLICYSET_STATUS | VARCHAR2 | Specifies if the policy set status is active |
| POLICYSET_NAME | VARCHAR2 | Specifies the policy set name |
| DESCRIPTION | VARCHAR2 | Specifies the policy sets description |
POSTURE_ASSESSMENT_BY_CONDITION
The report provides details about policy condition and their status
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| CONDITION_STATUS | VARCHAR2 | Displays the status of the condition i.e. passed, failed or skipped |
| LOCATION | VARCHAR2 | Displays the network device group location |
| LOGGED_AT | TIMESTAMP(6) | Specifies the time at which policy was enforced |
| POLICY | VARCHAR2 | Specifies the posture policy |
| POLICY_STATUS | VARCHAR2 | Displays the policy condition status |
| ENFORCEMENT_NAME | VARCHAR2 | Displays the posture requirement name |
| ENFORCEMENT_TYPE | VARCHAR2 | Enforcement type of the requirement i.e. mandatory, optional or audit |
| ENFORCEMENT_STATUS | VARCHAR2 | Displays the status of the posture requirement enforcement |
| ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
| MESSAGE_CODE | VARCHAR2 | Displays the message code of the posture syslog |
| REQUEST_TIME | VARCHAR2 | Displays the request time |
| RESPONSE_TIME | VARCHAR2 | Displays the response time |
| ENDPOINT_ID | VARCHAR2 | Endpoint MAC address |
| ENDPOINT_OS | VARCHAR2 | Endpoint operating system |
| POSTURE_AGENT_VERSION | VARCHAR2 | Displays the version of the posture agent |
| POSTURE_STATUS | VARCHAR2 | Posture status i.e. pending, compliant, non-compliant etc |
| POSTURE_POLICY_MATCHED | VARCHAR2 | Displays the posture policy matched |
| POSTURE_REPORT | CLOB | Displays the posture report |
| ANTI_VIRUS_INSTALLED | VARCHAR2 | Displays the installed anti-virus |
| ANTI_SPYWARE_INSTALLED | VARCHAR2 | Displays the installed anti-spyware |
| FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
| PRA_ENFORCEMENT | NUMBER | Displays the status of periodic reassessment enforcement |
| PRA_INTERVAL | NUMBER | Periodic reassessment interval configured |
| PRA_ACTION | VARCHAR2 | Periodic reassessment action configured |
| PRA_GRACE_TIME | VARCHAR2 | Periodic reassessment grace time configured |
| IDENTITY | VARCHAR2 | Displays the user name |
| SESSION_ID | VARCHAR2 | Shows the session ID |
| FEED_URL | VARCHAR2 | Shows the update feed URL |
| NUM_OF_UPDATES | NUMBER | Displays the number of updates |
| USER_AGREEMENT_STATUS | VARCHAR2 | Displays the status of the user agreement |
| SYSTEM_NAME | VARCHAR2 | Hostname of the endpoint |
| SYSTEM_DOMAIN | VARCHAR2 | Displays the domain name of the endpoint |
| SYSTEM_USER | VARCHAR2 | Displays the system user |
| SYSTEM_USER_DOMAIN | VARCHAR2 | Displays the system user domain |
| IP_ADDRESS | VARCHAR2 | IP address of the endpoint |
| AM_INSTALLED | VARCHAR2 | Displays the anti-malware installed on the endpoint |
| CONDITION_NAME | VARCHAR2 | Specifies the posture condition which was matched |
POSTURE_ASSESSMENT_BY_ENDPOINT
This view shows which endpoints have been subject to posture assessment and also gives the administrator the ability to view the details of each endpoint's posture assessment
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| SYSTEM_DOMAIN | VARCHAR2 | Displays the domain name of the endpoint |
| SYSTEM_USER | VARCHAR2 | Displays the system user |
| SYSTEM_USER_DOMAIN | VARCHAR2 | Displays the system user domain |
| IP_ADDRESS | VARCHAR2 | IP address of the endpoint |
| PRA_GRACE_TIME | VARCHAR2 | Periodic reassessment grace time configured |
| NAD_LOCATION | VARCHAR2 | Location of NAD |
| AM_INSTALLED | VARCHAR2 | Displays the anti-malware installed on the endpoint |
| MESSAGE_TEXT | VARCHAR2 | Displays the message text |
| ID | NUMBER | Database unique ID |
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| ISE_NODE | VARCHAR2 | Hostname of ISE node |
| MESSAGE_CODE | VARCHAR2 | Displays the message code of the posture syslog |
| REQUEST_TIME | VARCHAR2 | Displays the request time |
| RESPONSE_TIME | VARCHAR2 | Displays the response time |
| ENDPOINT_MAC_ADDRESS | VARCHAR2 | MAC address of the endpoint |
| ENDPOINT_OPERATING_SYSTEM | VARCHAR2 | Operating system of the endpoint |
| POSTURE_AGENT_VERSION | VARCHAR2 | Displays the version of the posture agent |
| POSTURE_STATUS | VARCHAR2 | Posture status i.e. pending, compliant, non-compliant etc |
| POSTURE_POLICY_MATCHED | VARCHAR2 | Displays the posture policy matched |
| POSTURE_REPORT | CLOB | Displays the posture report |
| ANTI_VIRUS_INSTALLED | VARCHAR2 | Displays the installed anti-virus |
| ANTI_SPYWARE_INSTALLED | VARCHAR2 | Displays the installed anti-spyware |
| FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
| PRA_ENFORCEMENT_FLAG | NUMBER | Displays the status of periodic reassessment enforcement |
| PRA_INTERVAL | NUMBER | Periodic reassessment interval configured |
| PRA_ACTION | VARCHAR2 | Periodic reassessment action configured |
| USERNAME | VARCHAR2 | Displays the username |
| SESSION_ID | VARCHAR2 | Shows the session ID |
| FEED_URL | VARCHAR2 | Shows the update feed URL |
| NUM_OF_UPDATES | NUMBER | Number of updates |
| USER_AGREEMENT_STATUS | VARCHAR2 | Displays the status of the user agreement |
| SYSTEM_NAME | VARCHAR2 | Hostname of the endpoint |
POSTURE_GRACE_PERIOD
Lists the MAC address and the posture grace period expiration
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| MAC_LIST | VARCHAR2 | Specifies the list of MAC address |
| LAST_GRACE_EXPIRY | VARCHAR2 | Specifies the posture grace period expiration time |
POSTURE_SCRIPT_CONDITION
Provides execution status for each requirement that uses script condition.
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| ISE_NODE | VARCHAR2 | The name of the ISE Node |
| STATUS | VARCHAR2 | The execution status of the condition |
| POLICY_NAME | VARCHAR2 | The name of the policy being applied |
| REQUIREMENT_NAME | VARCHAR2 | The name of the requirement |
| SESSION_ID | VARCHAR2 | The Session ID |
| ENDPOINT_ID | VARCHAR2 | The Endpoint ID |
| UDID | VARCHAR2 | The UDID |
| CONDITION_NAME | VARCHAR2 | The name of the condition |
POSTURE_SCRIPT_REMEDIATION
Provides execution status for each requirement that uses script remediation.
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| ISE_NODE | VARCHAR2 | The name of the ISE Node |
| STATUS | VARCHAR2 | The execution status of the remediation |
| POLICY_NAME | VARCHAR2 | The name of the policy being applied |
| REQUIREMENT_NAME | VARCHAR2 | The name of the requirement |
| SESSION_ID | VARCHAR2 | The Session ID |
| ENDPOINT_ID | VARCHAR2 | The Endpoint ID |
| UDID | VARCHAR2 | The UDID |
PRIMARY_GUEST
The Primary Guest report combines data from various guest reports into a single view. This report collects all guest activity and provides details about the website guest users visit
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| DETAILS | VARCHAR2 | Specifies the details |
| PORTAL_NAME | VARCHAR2 | Specifies the portal name |
| RESULT | VARCHAR2 | Specifies the result |
| SPONSOR_FIRST_NAME | VARCHAR2 | Specifies the sponsor first name |
| SPONSOR_LAST_NAME | VARCHAR2 | Specifies the sponsor last name |
| IDENTITY_GROUP | VARCHAR2 | Specifies the identity group to which user belongs |
| SPONSOR_EMAIL_ADDRESS | VARCHAR2 | Specifies the sponsor email address |
| SPONSOR_PHONE_NUMBER | VARCHAR2 | Specifies the sponsor phone number |
| SPONSOR_COMPANY | VARCHAR2 | Specifies the sponsor company |
| GUEST_LAST_NAME | VARCHAR2 | Specifies the guest last name |
| GUEST_FIRST_NAME | VARCHAR2 | Specifies the guest first name |
| GUEST_EMAIL_ADDRESS | VARCHAR2 | Specifies the guest email address |
| GUEST_PHONE_NUMBER | VARCHAR2 | Specifies the guest phone number |
| GUEST_COMPANY | VARCHAR2 | Specifies the guest company |
| GUEST_STATUS | VARCHAR2 | Specifies the guest status |
| GUEST_TYPE | VARCHAR2 | Specifies the guest type |
| VALID_DAYS | VARCHAR2 | Specifies the number of days guest user is valid |
| FROM_DATE | VARCHAR2 | Specifies the start date of the guest user |
| TO_DATE | VARCHAR2 | Specifies the end date of the guest user |
| LOCATION | VARCHAR2 | Specifies the location of the guest user |
| SSID | VARCHAR2 | Specifies the SSID of guest user |
| GROUP_TAG | VARCHAR2 | Specifies the group tag of guest user |
| GUEST_PERSON_VISITED | VARCHAR2 | Specifies the guest person visited |
| GUEST_REASON_FOR_VISIT | VARCHAR2 | Specifies the guest reason for visit |
| NAS_IP_ADDRESS | VARCHAR2 | Specifies the NAS IP address |
| USER_LINK | CHAR | Specifies the user link |
| GUEST_LINK | CHAR | Specifies the guest link |
| FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
| TIME_SPENT | VARCHAR2 | Specifies the time spent |
| LOGGED_IN | VARCHAR2 | Specifies when logged in |
| LOGGED_OUT | VARCHAR2 | Specifies when logged out |
| OPTIONAL_DATA | VARCHAR2 | Specifies the optional data |
| IDENTITY_STORE | VARCHAR2 | Specifies the identity store to which the user belongs |
| NAD_ADDRESS | VARCHAR2 | Specifies the NAD address |
| SERVER | VARCHAR2 | Specifies the ISE node |
| SPONSOR_USER_DETAILS | VARCHAR2 | Specifies the sponsor user details |
| GUEST_USER_DETAILS | VARCHAR2 | Specifies the guest user details |
| MAC_ADDRESS | VARCHAR2 | Specifies the MAC address |
| IP_ADDRESS | VARCHAR2 | Specifies the IP address |
| SPONSOR_USERNAME | VARCHAR2 | Specifies the sponsor user name |
| GUEST_USERNAME | VARCHAR2 | Specifies the guest user name |
| GUEST_USERS | CLOB | Specifies the guest users |
| OPERATION | VARCHAR2 | Specifies the operation |
| AUP_ACCEPTANCE | VARCHAR2 | Specifies the AUP acceptance |
| LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was stored |
| MESSAGE | VARCHAR2 | Message for guest |
PROFILED_ENDPOINTS_SUMMARY
Displays profiling details about endpoints that are accessing the network
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | NUMBER | Database unique ID |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| ENDPOINT_ID | VARCHAR2 | Endpoint ID |
| ENDPOINT_PROFILE | VARCHAR2 | Endpoint profile |
| SOURCE | VARCHAR2 | Source name |
| HOST | VARCHAR2 | Host name |
| ENDPOINT_ACTION_NAME | VARCHAR2 | Endpoint action name |
| MESSAGE_CODE | VARCHAR2 | Message code |
| IDENTITY_GROUP | VARCHAR2 | Identity group name |
PROFILING_POLICIES
List and details of all endpoint profiles present on ISE
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| PROFILING_POLICY_NAME | VARCHAR2 | Name of Profiling Policy |
| DESCRIPTION | VARCHAR2 | Description of Profiling Policy |
PXGRID_DIRECT_DATA
Provides the details of the connector and the data it retrieves.
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| EDDA_ID | VARCHAR2 | The unique identifier as specified in the connector configuration |
| CONNECTOR_TYPE | VARCHAR2 | The connector type as specified in the connector configuration |
| CREATE_TIME | VARCHAR2 | The time when record created |
| BULK_ID | VARCHAR2 | The Bulk ID |
| VERSION | VARCHAR2 | The connector version |
| VERSION_TYPE | VARCHAR2 | The connector version type |
| NAME | VARCHAR2 | The connector name |
| DATA | VARCHAR2 | The data parsed by the connector in JSON format |
RADIUS_ACCOUNTING
This provides details of all the radius accounting records
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| VN | VARCHAR2 | Information of Virtual Network |
| AUTHORIZATION_POLICY | VARCHAR2 | Authorization policy |
| FAILURE_REASON | VARCHAR2 | Failure reason |
| SECURITY_GROUP | VARCHAR2 | Security group |
| CISCO_H323_SETUP_TIME | TIMESTAMP(6) | Cisco H323 setup time |
| CISCO_H323_CONNECT_TIME | TIMESTAMP(6) | Cisco H323 connect time |
| CISCO_H323_DISCONNECT_TIME | TIMESTAMP(6) | Cisco H323 disconnect time |
| RESPONSE_TIME | NUMBER | Response time |
| STARTED | NUMBER | Started |
| STOPPED | NUMBER | Stopped |
| NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
| FRAMED_IPV6_ADDRESS | VARCHAR2 | FRAMED IPV6 address |
| ID | NUMBER | Database unique ID |
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| ISE_NODE | VARCHAR2 | ISE node |
| SYSLOG_MESSAGE_CODE | VARCHAR2 | Message code |
| SESSION_ID | VARCHAR2 | Session ID |
| USERNAME | VARCHAR2 | User's claimed identity |
| USER_TYPE | VARCHAR2 | User type |
| CALLING_STATION_ID | VARCHAR2 | Calling station ID |
| ACCT_SESSION_ID | VARCHAR2 | Unique numeric string identifying the server session |
| ACCT_STATUS_TYPE | VARCHAR2 | Specifies whether accounting packet starts or stops a bridging, routing, or terminal server session. |
| ACCT_SESSION_TIME | NUMBER | Length of time (in seconds) for which the session has been logged in |
| SERVICE_TYPE | VARCHAR2 | The Type of Service the user has requested |
| FRAMED_PROTOCOL | VARCHAR2 | Framed protocol |
| ACCT_INPUT_OCTETS | VARCHAR2 | Number of octets received during the session |
| ACCT_OUTPUT_OCTETS | VARCHAR2 | Number of octets sent during the session |
| ACCT_INPUT_PACKETS | NUMBER | Number of packets received during the session |
| ACCT_OUTPUT_PACKETS | NUMBER | Number of octets sent during the session |
| FRAMED_IP_ADDRESS | VARCHAR2 | Framed IP address |
| NAS_PORT | VARCHAR2 | Physical port number of the NAS (Network Access Server) originating the request |
| NAS_IP_ADDRESS | VARCHAR2 | The IP address of the NAS originating the request |
| ACCT_TERMINATE_CAUSE | VARCHAR2 | Reason a connection was terminated |
| ACCESS_SERVICE | VARCHAR2 | Access service |
| AUDIT_SESSION_ID | VARCHAR2 | Audit session ID |
| ACCT_MULTI_SESSION_ID | VARCHAR2 | Multi session ID |
| ACCT_AUTHENTIC | VARCHAR2 | Authentication |
| TERMINATION_ACTION | VARCHAR2 | 0 Default 1 RADIUS-Request |
| SESSION_TIMEOUT | VARCHAR2 | Session timeout |
| IDLE_TIMEOUT | VARCHAR2 | Idle timeout |
| ACCT_INTERIM_INTERVAL | VARCHAR2 | Number of seconds between each transmittal of an interim update for a specific session |
| ACCT_DELAY_TIME | VARCHAR2 | Length of time (in seconds) for which the NAS has been sending the same accounting packet |
| EVENT_TIMESTAMP | VARCHAR2 | The date and time that this event occurred on the NAS |
| NAS_IDENTIFIER | VARCHAR2 | NAS ID |
| NAS_PORT_ID | VARCHAR2 | NAS port ID |
| ACCT_TUNNEL_CONNECTION | VARCHAR2 | Tunnel connection |
| ACCT_TUNNEL_PACKET_LOST | VARCHAR2 | Packet lost |
| DEVICE_NAME | VARCHAR2 | Network device name |
| DEVICE_GROUPS | VARCHAR2 | Network device group |
| SERVICE_SELECTION_POLICY | VARCHAR2 | Service selection policy |
| IDENTITY_STORE | VARCHAR2 | Identity store |
| AD_DOMAIN | VARCHAR2 | AD domain |
| IDENTITY_GROUP | VARCHAR2 | Identity group |
RADIUS_ACCOUNTING_WEEK
This is performance oriented view which contains all the radius accounting records for the last seven days
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| VN | VARCHAR2 | Information of Virtual Network |
| ACCT_SESSION_ID | VARCHAR2 | Unique numeric string identifying the server session |
| ACCT_STATUS_TYPE | VARCHAR2 | Specifies whether accounting packet starts or stops a bridging, routing, or terminal server session. |
| ACCT_SESSION_TIME | NUMBER | Length of time (in seconds) for which the session has been logged in |
| SERVICE_TYPE | VARCHAR2 | The Type of Service the user has requested |
| FRAMED_PROTOCOL | VARCHAR2 | Framed protocol |
| ACCT_INPUT_OCTETS | VARCHAR2 | Number of octets received during the session |
| ACCT_OUTPUT_OCTETS | VARCHAR2 | Number of octets sent during the session |
| ACCT_INPUT_PACKETS | NUMBER | Number of packets received during the session |
| ACCT_OUTPUT_PACKETS | NUMBER | Number of octets sent during the session |
| FRAMED_IP_ADDRESS | VARCHAR2 | Framed IP address |
| NAS_PORT | VARCHAR2 | Physical port number of the NAS (Network Access Server) originating the request |
| NAS_IP_ADDRESS | VARCHAR2 | The IP address of the NAS originating the request |
| ACCT_TERMINATE_CAUSE | VARCHAR2 | Reason a connection was terminated |
| ACCESS_SERVICE | VARCHAR2 | Access service |
| AUDIT_SESSION_ID | VARCHAR2 | Audit session ID |
| ACCT_MULTI_SESSION_ID | VARCHAR2 | Multi session ID |
| ACCT_AUTHENTIC | VARCHAR2 | Authentication |
| TERMINATION_ACTION | VARCHAR2 | 0 Default 1 RADIUS-Request |
| SESSION_TIMEOUT | VARCHAR2 | Session timeout |
| IDLE_TIMEOUT | VARCHAR2 | Idle timeout |
| ACCT_INTERIM_INTERVAL | VARCHAR2 | Number of seconds between each transmittal of an interim update for a specific session |
| ACCT_DELAY_TIME | VARCHAR2 | Length of time (in seconds) for which the NAS has been sending the same accounting packet |
| EVENT_TIMESTAMP | VARCHAR2 | The date and time that this event occurred on the NAS |
| NAS_IDENTIFIER | VARCHAR2 | NAS ID |
| NAS_PORT_ID | VARCHAR2 | NAS port ID |
| ACCT_TUNNEL_CONNECTION | VARCHAR2 | Tunnel connection |
| ACCT_TUNNEL_PACKET_LOST | VARCHAR2 | Packet lost |
| DEVICE_NAME | VARCHAR2 | Network device name |
| DEVICE_GROUPS | VARCHAR2 | Network device group |
| SERVICE_SELECTION_POLICY | VARCHAR2 | Service selection policy |
| IDENTITY_STORE | VARCHAR2 | Identity store |
| AD_DOMAIN | VARCHAR2 | AD domain |
| IDENTITY_GROUP | VARCHAR2 | Identity group |
| AUTHORIZATION_POLICY | VARCHAR2 | Displays the authorization policy matched |
| FAILURE_REASON | VARCHAR2 | Failure reason |
| SECURITY_GROUP | VARCHAR2 | Security group |
| CISCO_H323_SETUP_TIME | TIMESTAMP(6) | Cisco H323 setup time |
| CISCO_H323_CONNECT_TIME | TIMESTAMP(6) | Cisco H323 connect time |
| CISCO_H323_DISCONNECT_TIME | TIMESTAMP(6) | Cisco H323 disconnect time |
| RESPONSE_TIME | NUMBER | Response time |
| STARTED | NUMBER | Started |
| STOPPED | NUMBER | Stopped |
| NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
| FRAMED_IPV6_ADDRESS | VARCHAR2 | Framed IPV6 address |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| ID | NUMBER | Database unique ID |
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| ISE_NODE | VARCHAR2 | ISE node |
| SYSLOG_MESSAGE_CODE | VARCHAR2 | Message code |
| SESSION_ID | VARCHAR2 | Established ISE session ID |
| USERNAME | VARCHAR2 | User's claimed identity |
| USER_TYPE | VARCHAR2 | User type |
| CALLING_STATION_ID | VARCHAR2 | Calling station ID |
RADIUS_AUTHENTICATIONS
This provides details of all the radius authentication records
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ORIG_CALLING_STATION_ID | VARCHAR2 | Calling station ID |
| CHECKSUM | VARCHAR2 | Checksum |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| ID | NUMBER | Database unique ID |
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| ISE_NODE | VARCHAR2 | ISE node |
| SYSLOG_MESSAGE_CODE | NUMBER | Message code |
| USERNAME | VARCHAR2 | User's claimed identity |
| USER_TYPE | VARCHAR2 | User type |
| CALLING_STATION_ID | VARCHAR2 | Calling station ID |
| ACCESS_SERVICE | VARCHAR2 | Access service |
| FRAMED_IP_ADDRESS | VARCHAR2 | Framed IP address of user |
| IDENTITY_STORE | VARCHAR2 | Identity store of user |
| IDENTITY_GROUP | VARCHAR2 | User identity group |
| AUDIT_SESSION_ID | VARCHAR2 | Audit session ID |
| AUTHENTICATION_METHOD | VARCHAR2 | Method of authentication |
| AUTHENTICATION_PROTOCOL | VARCHAR2 | Protocol of authentication |
| SERVICE_TYPE | VARCHAR2 | The Type of Service the user has requested |
| DEVICE_NAME | VARCHAR2 | Network device name |
| DEVICE_TYPE | VARCHAR2 | Network device type |
| LOCATION | VARCHAR2 | Network device location |
| NAS_IP_ADDRESS | VARCHAR2 | The IP address of the NAS originating the request |
| NAS_PORT_ID | VARCHAR2 | Physical port number of the NAS (Network Access Server) originating the request |
| NAS_PORT_TYPE | VARCHAR2 | NAS port type |
| AUTHORIZATION_PROFILES | VARCHAR2 | Authorization profiles |
| POSTURE_STATUS | VARCHAR2 | Posture status |
| SECURITY_GROUP | VARCHAR2 | Security group |
| FAILURE_REASON | VARCHAR2 | Reason of failure |
| RESPONSE_TIME | NUMBER | Response time |
| PASSED | VARCHAR2 | Passed flag |
| FAILED | NUMBER | Failed flag |
| CREDENTIAL_CHECK | VARCHAR2 | Credential check |
| ENDPOINT_PROFILE | VARCHAR2 | Endpoint matched profile |
| MDM_SERVER_NAME | VARCHAR2 | MDM server name |
| POLICY_SET_NAME | VARCHAR2 | Policy set name |
| AUTHORIZATION_RULE | VARCHAR2 | Authorization rule |
| NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
| FRAMED_IPV6_ADDRESS | VARCHAR2 | Framed ipv6 address |
RADIUS_AUTHENTICATIONS_WEEK
This is performance oriented view which contains all the radius authentication records for the last seven days
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | NUMBER | Database unique ID |
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| ISE_NODE | VARCHAR2 | ISE node |
| SYSLOG_MESSAGE_CODE | NUMBER | Message code |
| USERNAME | VARCHAR2 | User's claimed identity |
| USER_TYPE | VARCHAR2 | User type |
| CALLING_STATION_ID | VARCHAR2 | Calling station ID |
| ACCESS_SERVICE | VARCHAR2 | Access service |
| FRAMED_IP_ADDRESS | VARCHAR2 | Framed IP address of user |
| IDENTITY_STORE | VARCHAR2 | Identity store of user |
| IDENTITY_GROUP | VARCHAR2 | User identity group |
| AUDIT_SESSION_ID | VARCHAR2 | Audit session ID |
| AUTHENTICATION_METHOD | VARCHAR2 | Method of authentication |
| AUTHENTICATION_PROTOCOL | VARCHAR2 | Protocol of authentication |
| SERVICE_TYPE | VARCHAR2 | The Type of Service the user has requested |
| DEVICE_NAME | VARCHAR2 | Network device name |
| DEVICE_TYPE | VARCHAR2 | Network device type |
| LOCATION | VARCHAR2 | Network device location |
| NAS_IP_ADDRESS | VARCHAR2 | The IP address of the NAS originating the request |
| NAS_PORT_ID | VARCHAR2 | Physical port number of the NAS (Network Access Server) originating the request |
| NAS_PORT_TYPE | VARCHAR2 | NAS port type |
| AUTHORIZATION_PROFILES | VARCHAR2 | Authorization profiles |
| POSTURE_STATUS | VARCHAR2 | Posture status |
| SECURITY_GROUP | VARCHAR2 | Security group |
| FAILURE_REASON | VARCHAR2 | Reason of failure |
| RESPONSE_TIME | NUMBER | Response time |
| PASSED | NUMBER | Passed flag |
| FAILED | NUMBER | Failed flag |
| CREDENTIAL_CHECK | VARCHAR2 | Credential check |
| ENDPOINT_PROFILE | VARCHAR2 | Endpoint matched profile |
| MDM_SERVER_NAME | VARCHAR2 | MDM server name |
| POLICY_SET_NAME | VARCHAR2 | Policy set name |
| AUTHORIZATION_RULE | VARCHAR2 | Authorization rule |
| NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
| FRAMED_IPV6_ADDRESS | VARCHAR2 | Framed ipv6 address |
| ORIG_CALLING_STATION_ID | VARCHAR2 | Calling station ID |
| CHECKSUM | VARCHAR2 | Checksum |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| AUTHENTICATION_POLICY | VARCHAR2 | Displays the authentication policy matched |
| AUTHORIZATION_POLICY | VARCHAR2 | Displays the authorization policy matched |
| NAD_PROFILE_NAME | VARCHAR2 | Displays the network device profile |
RADIUS_AUTHENTICATION_SUMMARY
Displays an aggregate view of RADIUS authentications.
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| ISE_NODE | VARCHAR2 | Name of the ISE server used for authentication |
| USERNAME | VARCHAR2 | User name |
| CALLING_STATION_ID | VARCHAR2 | Mac address of the device the user is using |
| IDENTITY_STORE | VARCHAR2 | The Identity Store to which the user authenticated belongs to. Example - Internal Endpoints |
| IDENTITY_GROUP | VARCHAR2 | The Identity Group to which the user belongs to. Example - Windows11-Workstation |
| DEVICE_NAME | VARCHAR2 | The name of the network device used by the user to access network. Example - 9800CLWLC, Access-Switch-3K, 9800VWLC etc. |
| DEVICE_TYPE | VARCHAR2 | The type of the network device used by the user to access network. Example - Wireless - IEEE 802.11 |
| LOCATION | VARCHAR2 | The location hierarchy of the the network device. Example - All Locations#My-Territory#US#Sanjose#BLDG5 |
| ACCESS_SERVICE | VARCHAR2 | The protocol used for authentication. Example - NDAC_SGT_Service, Default Network Access |
| NAS_PORT_ID | VARCHAR2 | ID of the NAD Port used. Example - GigabitEthernet1/0/14 |
| AUTHORIZATION_PROFILES | VARCHAR2 | The authorization profile applied. Example - PermitAccess, Machine-Access |
| FAILURE_REASON | VARCHAR2 | Reason for the failure, in case authentication was not successful |
| SECURITY_GROUP | VARCHAR2 | The security group classification of the device i.e the source SGT. Example - TrustedDevices, Quarantined_Systems |
| TOTAL_RESPONSE_TIME | NUMBER | The total response time required for authentication |
| MAX_RESPONSE_TIME | NUMBER | The maximum response time required for authentication |
| PASSED_COUNT | NUMBER | The number of passed authentication |
| FAILED_COUNT | NUMBER | Number of failed authentication |
RADIUS_ERRORS_VIEW
Enables you to check for RADIUS Requests Dropped, EAP connection time outs and unknown NADs
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| RESPONSE | VARCHAR2 | Displays the response |
| EXECUTION_STEPS | VARCHAR2 | Execution steps |
| OTHER_ATTRIBUTES | BLOB | Other attributes |
| AUTHENTICATION_POLICY | VARCHAR2 | Authentication policy |
| AUTHORIZATION_POLICY | VARCHAR2 | Authorization policy |
| OTHER_ATTRIBUTES_STRING | CLOB | Other attributes |
| RESPONSE_TIME | NUMBER | Response time |
| PASSED | VARCHAR2 | Passed flag |
| FAILED | NUMBER | Failed flag |
| CREDENTIAL_CHECK | VARCHAR2 | Credential check |
| ENDPOINT_PROFILE | VARCHAR2 | Endpoint matched profile |
| MDM_SERVER_NAME | VARCHAR2 | MDM server name |
| NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
| FRAMED_IPV6_ADDRESS | VARCHAR2 | Framed IPV6 address |
| ID | NUMBER | Database unique ID |
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
| MESSAGE_CODE | NUMBER | Displays the message code |
| MESSAGE_TEXT | VARCHAR2 | Message text |
| USERNAME | VARCHAR2 | User's claimed identity |
| USER_TYPE | VARCHAR2 | User type |
| CALLING_STATION_ID | VARCHAR2 | Calling station ID |
| ACCESS_SERVICE | VARCHAR2 | Access service |
| FRAMED_IP_ADDRESS | VARCHAR2 | Framed IP address |
| IDENTITY_STORE | VARCHAR2 | Identity store |
| IDENTITY_GROUP | VARCHAR2 | Identity group |
| AUDIT_SESSION_ID | VARCHAR2 | Unique numeric string identifying the server session |
| AUTHENTICATION_METHOD | VARCHAR2 | Authentication method |
| AUTHENTICATION_PROTOCOL | VARCHAR2 | Authentication protocol |
| SERVICE_TYPE | VARCHAR2 | The Type of Service the user has requested |
| NETWORK_DEVICE_NAME | VARCHAR2 | Network device name |
| DEVICE_TYPE | VARCHAR2 | Device type |
| LOCATION | VARCHAR2 | Location |
| NAS_IP_ADDRESS | VARCHAR2 | IP address of NAS |
| NAS_PORT_ID | VARCHAR2 | NAS port ID |
| NAS_PORT_TYPE | VARCHAR2 | NAS port type |
| SELECTED_AUTHORIZATION_PROFILES | VARCHAR2 | Authorization profile used after authentication |
| POSTURE_STATUS | VARCHAR2 | Posture status |
| SECURITY_GROUP | VARCHAR2 | Security group |
| FAILURE_REASON | VARCHAR2 | Failure reason |
REGISTERED_ENDPOINTS
Displays all personal devices registered by the employees
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ENDPOINT_ID | VARCHAR2 | Specifies the MAC address of endpoint |
| ENDPOINT_PROFILE | VARCHAR2 | Specifies the profiling policy under which endpoint got profiled |
| ENDPOINT_STATIC_ASSIGNMENT | VARCHAR2 | Specifies the endpoint static assignment status |
| STATIC_ASSIGNMENT_GROUP | VARCHAR2 | Specifies If endpoint statically assigned to user identity group |
| NMAP_SUBNET_SCANID | NUMBER | NMAP subnet of registered end points |
| CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time when record was created |
| LOGGED_AT | TIMESTAMP(6) WITH TIME ZONE | Time when the record was last updated |
| IDENTITY | VARCHAR2 | Specifies the portal user |
| DEVICE_REGISTRATION_STATUS | VARCHAR2 | Specifies if device is registered |
| IDENTITY_GROUP | VARCHAR2 | Specifies the identity group |
| SERVER | VARCHAR2 | Specifies the ISE node |
SECURITY_GROUPS
List and details of security groups
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAME | VARCHAR2 | Specified the name of the security group |
| SGT_DEC | NUMBER | Specifies the Security Group Tag in decimal |
| SGT_HEX | VARCHAR2 | Specifies the Security Group Tag in hexadecimal |
| DESCRIPTION | VARCHAR2 | Describes the security group |
| LEARNED_FROM | VARCHAR2 | Specifies where learned from |
SECURITY_GROUP_ACLS
List and details of Security group ACLs
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| NAME | VARCHAR2 | Name of the Security group ACL |
| DESCRIPTION | VARCHAR2 | Description of the security group ACL |
| IP_VERSION | VARCHAR2 | Specifies the IP version (ipv4 or ipv6) |
SPONSOR_LOGIN_AND_AUDIT
Tracks login activity by sponsor at the sponsor portal and guest related operation performed by sponsor
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | NUMBER | Database unique ID |
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| SPONSER_USER_NAME | VARCHAR2 | User name of sponsor |
| IP_ADDRESS | VARCHAR2 | IP address |
| MAC_ADDRESS | VARCHAR2 | MAC address |
| PORTAL_NAME | VARCHAR2 | Portal name |
| RESULT | VARCHAR2 | Result |
| IDENTITY_STORE | VARCHAR2 | Identity store |
| OPERATION | VARCHAR2 | Operation |
| GUEST_USERNAME | VARCHAR2 | User name of guest |
| GUEST_STATUS | VARCHAR2 | Status of guest |
| FAILURE_REASON | VARCHAR2 | Reason of failure |
| OPTIONAL_DATA | VARCHAR2 | Optional data |
| PSN_HOSTNAME | VARCHAR2 | Hostname of PSN |
| USER_DETAILS | VARCHAR2 | Details of user |
| GUEST_DETAILS | VARCHAR2 | Details of guest |
| GUEST_USERS | CLOB | Guest users |
SYSTEM_DIAGNOSTICS_VIEW
Provides details about the status of the Cisco ISE nodes. If a Cisco ISE node is unable to register, you can review this report to troubleshoot the issue
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | NUMBER | Database unique ID |
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
| MESSAGE_SEVERITY | VARCHAR2 | Displays the severity of message |
| MESSAGE_CODE | VARCHAR2 | Displays the message code |
| MESSAGE_TEXT | VARCHAR2 | Displays the message text |
| CATEGORY | VARCHAR2 | Displays the category |
| DIAGNOSTIC_INFO | VARCHAR2 | Displays the diagnostic info |
SYSTEM_SUMMARY
Displays system health information like CPU utilization , storage utilization , number of CPU etc
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| TIMESTAMP | TIMESTAMP(6) | Time when record made |
| ISE_NODE | VARCHAR2 | Name of ISE node |
| CPU_UTILIZATION | NUMBER | Specifies the CPU utilization in percentage |
| CPU_COUNT | NUMBER | Specifies the number of CPU cores |
| MEMORY_UTILIZATION | NUMBER | Specifies the percentage of memory utilization |
| DISKSPACE_ROOT | NUMBER | Specifies the percentage of storage utilized in root folder |
| DISKSPACE_BOOT | NUMBER | Specifies the percentage of storage utilized in boot folder |
| DISKSPACE_OPT | NUMBER | Specifies the percentage of storage utilized in opt folder |
| DISKSPACE_STOREDCONFIG | NUMBER | Specifies the percentage of storage utilized in storedconfig folder |
| DISKSPACE_TMP | NUMBER | Specifies the percentage of storage utilized in tmp folder |
| DISKSPACE_RUNTIME | NUMBER | Specifies the percentage of storage utilized in runtime |
TACACS_ACCOUNTING
This view contains details of TACACS accounting records
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
| ID | NUMBER | Database record primary key for the table |
| USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
| IDENTITY_GROUP | VARCHAR2 | Identity group to which users belongs to |
| GENERATED_TIME | VARCHAR2 | Shows the syslog generation time based on when a particular event was triggered |
| LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
| AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication service |
| AUTHENTICATION_METHOD | VARCHAR2 | Protocol used for authentication |
| AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the Authentication Privilege Level |
| ATTRIBUTES | VARCHAR2 | Specifies the attributes |
| MESSAGE_TEXT | VARCHAR2 | Specifies the message text |
| EXECUTION_STEPS | VARCHAR2 | Specifies the execution steps |
| AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
| STATUS | VARCHAR2 | Shows if the status is pass or failed |
| MESSAGE_CODE | NUMBER | Syslog message code |
| COMMAND | VARCHAR2 | Specifies the command |
| COMMAND_ARGS | VARCHAR2 | Specifies the command arguments |
| DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
| LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
| ACCOUNTING_TYPE | VARCHAR2 | Specifies the accounting type |
| DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
| EPOCH_TIME | NUMBER | Specifies the unix epoch time |
| FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
| SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
| EVENT | VARCHAR2 | Specifies the event like Accounting |
| DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
| DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
| DEVICE_GROUPS | VARCHAR2 | To which network device group the AAA client belongs to |
| DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
TACACS_ACCOUNTING_LAST_TWO_DAYS
This is performance oriented view which contains all the TACACS accounting records for the last two days
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | NUMBER | Database record primary key for the table |
| USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
| IDENTITY_GROUP | VARCHAR2 | Identity group to which users belongs to |
| GENERATED_TIME | TIMESTAMP(6) WITH TIME ZONE | Shows the syslog generation time based on when a particular event was triggered |
| LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
| AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication service |
| AUTHENTICATION_METHOD | VARCHAR2 | Protocol used for authentication |
| AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the authentication privilege level |
| AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
| STATUS | VARCHAR2 | Shows if the status is pass or failed |
| MESSAGE_CODE | NUMBER | Syslog message code |
| COMMAND | VARCHAR2 | Specifies the command |
| COMMAND_ARGS | VARCHAR2 | Specifies the command arguments |
| DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
| LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
| ACCOUNTING_TYPE | VARCHAR2 | Specifies the accounting type |
| DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
| EPOCH_TIME | NUMBER | Specifies the unix epoch time |
| FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
| SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
| EVENT | VARCHAR2 | Specifies the event like Accounting |
| DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
| DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
| DEVICE_GROUPS | VARCHAR2 | To which network device group the AAA client belongs to |
| DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
| REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
TACACS_AUTHENTICATION
This provides details of all the TACACS authentication records
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
| SELECTED_AUTHORIZATION_PROFILE | VARCHAR2 | Authorization profile used after authentication |
| DESTINATION_IP_ADDRESS | VARCHAR2 | Specifies the destination IP address |
| STATUS | VARCHAR2 | Shows if the authentication succeeded or failed |
| DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
| LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
| IDENTITY_STORE | VARCHAR2 | Identity store to which users belongs to |
| DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
| EPOCH_TIME | NUMBER | Specifies the unix epoch time |
| ID | NUMBER | Database record primary key for the table |
| GENERATED_TIME | VARCHAR2 | Shows the syslog generation time based on when a particular event was triggered |
| LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
| MESSAGE_CODE | NUMBER | Syslog message code |
| USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
| FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
| AUTHENTICATION_POLICY | VARCHAR2 | Specifies the authentication policy |
| AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the Authentication Privilege Level |
| ATTRIBUTES | BLOB | Specifies the attributes |
| MESSAGE_TEXT | VARCHAR2 | Specifies the message text |
| EXECUTION_STEPS | VARCHAR2 | Specifies the execution steps |
| AUTHENTICATION_ACTION | VARCHAR2 | Specifies the authentication action |
| AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
| AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication service |
| SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
| EVENT | VARCHAR2 | Specifies the event like Accounting |
| DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
| DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
| DEVICE_GROUPS | VARCHAR2 | To which network device group the AAA client belongs to |
| DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
TACACS_AUTHENTICATION_LAST_TWO_DAYS
This is performance oriented view which contains all the TACACS authentication records for the last two days
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| EPOCH_TIME | NUMBER | Specifies the unix epoch time |
| ID | NUMBER | Database record primary key for the table |
| GENERATED_TIME | TIMESTAMP(6) WITH TIME ZONE | Shows the syslog generation time based on when a particular event was triggered |
| LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
| MESSAGE_CODE | NUMBER | Syslog message code |
| USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
| FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
| AUTHENTICATION_POLICY | VARCHAR2 | Specifies the authentication policy |
| AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the authentication privilege level |
| AUTHENTICATION_ACTION | VARCHAR2 | Specifies the authentication action |
| AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
| AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication service |
| SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
| EVENT | VARCHAR2 | Specifies the event like Accounting |
| DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
| DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
| DEVICE_GROUPS | VARCHAR2 | To which network device group the AAA client belongs to |
| DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
| REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
| SELECTED_AUTHORIZATION_PROFILE | VARCHAR2 | Authorization profile used after authentication |
| DESTINATION_IP_ADDRESS | VARCHAR2 | Specifies the destination IP address |
| STATUS | VARCHAR2 | Shows if the authentication succeeded or failed |
| DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
| LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
| IDENTITY_STORE | VARCHAR2 | Identity store to which users belongs to |
| DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
TACACS_AUTHENTICATION_SUMMARY
Display aggregate view of TACACS authentications
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
| IDENTITY_STORE | VARCHAR2 | Identity store to which users belongs to |
| DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
| DEVICE_GROUP | VARCHAR2 | To which network device group the AAA client belongs to |
| DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
| LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
| AUTHORIZATION_PROFILES | VARCHAR2 | Specifies the authorization profiles |
| FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
| PASSED_COUNT | NUMBER | Number of successful authentication |
| FAILED_COUNT | NUMBER | Number of failed authentication |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
TACACS_AUTHORIZATION
This provides details of all the TACACS authorization records
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | NUMBER | Database unique ID |
| GENERATED_TIME | VARCHAR2 | Shows the syslog generation time based on when a particular event was triggered |
| LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
| ATTRIBUTES | BLOB | Specifies the attributes |
| EXECUTION_STEPS | VARCHAR2 | Specifies the execution steps |
| STATUS | VARCHAR2 | Shows if the status is pass or failed |
| EVENT | VARCHAR2 | Specifies the event like Accounting |
| MESSAGE_TEXT | VARCHAR2 | Specifies the operational message text |
| DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
| DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
| DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
| DEVICE_GROUP | VARCHAR2 | To which network device group the AAA client belongs to |
| DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
| EPOCH_TIME | NUMBER | Specifies the unix epoch time |
| FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
| USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
| AUTHORIZATION_POLICY | VARCHAR2 | Specifies the authorization policy |
| AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the Authentication Privilege Level |
| AUTHORIZATION_REQUEST_ATTR | VARCHAR2 | Specifies the request attribute |
| AUTHORIZATION_RESPONSE_ATTR | CLOB | Specifies the response attribute |
| SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
| REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
| SHELL_PROFILE | VARCHAR2 | Specifies the TACACS Profiles |
| AUTHENTICATION_METHOD | VARCHAR2 | Specifies the authentication method |
| AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
| AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication type |
| DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
| LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
| MATCHED_COMMAND_SET | VARCHAR2 | Matched TACACS command sets |
| COMMAND_FROM_DEVICE | VARCHAR2 | Specifies the command in the matched command set |
TACACS_AUTHORIZATION_LAST_TWO_DAYS
This is performance oriented view which contains all the TACACS authorization records for the last two days.
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | NUMBER | Database unique ID |
| GENERATED_TIME | VARCHAR2 | Shows the syslog generation time based on when a particular event was triggered |
| LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
| ATTRIBUTES | BLOB | Specifies the attributes |
| EXECUTION_STEPS | VARCHAR2 | Specifies the execution steps |
| STATUS | VARCHAR2 | Shows if the status is pass or failed |
| EVENT | VARCHAR2 | Specifies the event like Accounting |
| MESSAGE_TEXT | VARCHAR2 | Specifies the operational message text |
| DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
| DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
| DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
| DEVICE_GROUP | VARCHAR2 | To which network device group the AAA client belongs to |
| DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
| EPOCH_TIME | NUMBER | Specifies the unix epoch time |
| FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
| USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
| AUTHORIZATION_POLICY | VARCHAR2 | Specifies the authorization policy |
| AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the Authentication Privilege Level |
| AUTHORIZATION_REQUEST_ATTR | VARCHAR2 | Specifies the request attribute |
| AUTHORIZATION_RESPONSE_ATTR | CLOB | Specifies the response attribute |
| SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
| REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
| SHELL_PROFILE | VARCHAR2 | Specifies the TACACS Profiles |
| AUTHENTICATION_METHOD | VARCHAR2 | Specifies the authentication method |
| AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
| AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication type |
| DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
| LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
| MATCHED_COMMAND_SET | VARCHAR2 | Matched TACACS command sets |
| COMMAND_FROM_DEVICE | VARCHAR2 | Specifies the command in the matched command set |
TACACS_COMMAND_ACCOUNTING
Displays details of TACACS command accounting
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
| EPOCH_TIME | NUMBER | Specifies the unix epoch time |
| ID | NUMBER | Unique database ID |
| USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
| GENERATED_TIME | VARCHAR2 | Shows the syslog generation time based on when a particular event was triggered |
| LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
| AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the Authentication Privilege Level |
| ATTRIBUTES | BLOB | Specifies the attributes |
| EXECUTION_STEPS | VARCHAR2 | Specifies the execution steps |
| STATUS | VARCHAR2 | Shows if the status pass or failed |
| EVENT | VARCHAR2 | Specifies the event like Accounting |
| MESSAGE_TEXT | VARCHAR2 | Specifies the message text |
| FAILURE_REASON | VARCHAR2 | Specifies the failure reason |
| IDENTITY_GROUP | VARCHAR2 | Identity group to which users belongs to |
| SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
| DEVICE_NAME | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
| DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
| DEVICE_GROUPS | VARCHAR2 | To which network device group the AAA client belongs to |
| DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
| DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
| REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
| AUTHENTICATION_METHOD | VARCHAR2 | Specifies the authentication method |
| AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
| AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication service |
| COMMAND | VARCHAR2 | Specifies the command |
| COMMAND_ARGS | VARCHAR2 | Specifies the command arguments |
| DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
UPSPOLICY
Internal view. Not to be used.
UPSPOLICYSET
Internal view. Not to be used.
UPSPOLICYSET_POLICIES
Internal view. Not to be used.
THREAT_EVENTS
Log of threat events received from various sources
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| MAC_ADDRESS | VARCHAR2 | Specifies the MAC address |
| IP_ADDRESS | VARCHAR2 | Specifies the IP address |
| ID | VARCHAR2 | Unique database identifier |
| SEVERITY | VARCHAR2 | Specifies the severity |
| TITLE | VARCHAR2 | Specifies the title |
| EVENT_TIME | VARCHAR2 | Specifies the event time |
| VENDOR_NAME | VARCHAR2 | Specifies the vendor name |
| SOURCE | VARCHAR2 | Specifies the source |
| INCIDENT_TYPE | VARCHAR2 | Specifies the incident type |
| DETAILS | VARCHAR2 | Gives further details |
USER_IDENTITY_GROUPS
This will provide details of all the user identity groups
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| ID | VARCHAR2 | Primary key for user identity groups |
| NAME | VARCHAR2 | Name of the group |
| DESCRIPTION | VARCHAR2 | Description of the group |
| CREATED_BY | VARCHAR2 | The group was created by whom |
| CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | When the record was created |
| UPDATE_TIME | TIMESTAMP(6) WITH TIME ZONE | When the record was updated |
| STATUS | VARCHAR2 | Shows if the group is active |
USER_PASSWORD_CHANGES
Displays verification about employees password changes
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
| TIMESTAMP | TIMESTAMP(6) | Time when record added |
| ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
| MESSAGE_CODE | VARCHAR2 | Displays the message code |
| ADMIN_NAME | VARCHAR2 | Admin name |
| ADMIN_IP_ADDRESS | VARCHAR2 | Admin IP address |
| ADMIN_IPV6_ADDRESS | VARCHAR2 | Admin IPV6 address |
| ADMIN_INTERFACE | VARCHAR2 | Admin interface used |
| MESSAGE_CLASS | VARCHAR2 | Message class |
| MESSAGE_TEXT | VARCHAR2 | Displays the message text |
| OPERATOR_NAME | VARCHAR2 | Operator name |
| USER_ADMIN_FLAG | VARCHAR2 | User admin flag |
| ACCOUNT_NAME | VARCHAR2 | Account name |
| DEVICE_IP | VARCHAR2 | Device IP |
| IDENTITY_STORE_NAME | VARCHAR2 | Identity store name |
| CHANGE_PASSWORD_METHOD | VARCHAR2 | Method of password change |
| AUDIT_PASSWORD_TYPE | VARCHAR2 | Password type |
VULNERABILITY_ASSESSMENT_FAILURES
This report contains details of endpoints for which Vulnerability Assessment failed
Type: View
| Column name | Data Type | Column Description |
|---|---|---|
| LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
| ID | VARCHAR2 | Unique database ID |
| ADAPTER_INSTANCE_NAME | VARCHAR2 | Specifies the adapter instance name |
| ADAPTER_INSTANCE_ID | VARCHAR2 | Specifies the adapter instance ID |
| VENDOR_NAME | VARCHAR2 | Specifies the vendor name |
| ISE_NODE | VARCHAR2 | Specifies the ACS instance |
| MAC_ADDRESS | VARCHAR2 | Specifies the MAC address |
| IP_ADDRESS | VARCHAR2 | Specifies the IP address |
| OPERATION_MESSSAGE_TEXT | VARCHAR2 | Specifies the operation message text |
| MESSAGE_TYPE | VARCHAR2 | Specifies the message type |