AAA_DIAGNOSTICS_VIEW
Provides details of all network sessions between Cisco ISE and users. Use iseql.py "SELECT view_name FROM user_views ORDER BY view_name ASC" to get all the tables or views that you have access to.
Type: View
Column name | Data Type | Column Description |
---|---|---|
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
SESSION_ID | VARCHAR2 | Shows the session ID |
ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
USERNAME | VARCHAR2 | Displays the username |
MESSAGE_SEVERITY | VARCHAR2 | Displays the severity of message |
MESSAGE_CODE | VARCHAR2 | Displays the message code |
MESSAGE_TEXT | VARCHAR2 | Displays the message text |
CATEGORY | VARCHAR2 | Displays the category |
INFO | VARCHAR2 | Displays the diagnostic info |
ADAPTER_STATUS
Adapter Status Report
Type: View
Column name | Data Type | Column Description |
---|---|---|
LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
STATUS | VARCHAR2 | Specifies the adapter status |
ID | VARCHAR2 | Unique database ID |
ADAPTER_NAME | VARCHAR2 | Specifies the adapter name |
CONNECTIVITY | VARCHAR2 | Specifies the connectivity |
ADAPTIVE_NETWORK_CONTROL
The Adaptive Network Control Audit report is based on the RADIUS accounting. It displays historical reporting of all network sessions for each endpoint
Type: View
Column name | Data Type | Column Description |
---|---|---|
LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
ENDPOINT_ID | VARCHAR2 | Specifies the endpoint ID |
ID | NUMBER | Unique Database ID |
IP_ADDRESS | VARCHAR2 | Specifies the IP address |
IPV6_ADDRESS | VARCHAR2 | Specifies the IPV6 IP address |
OPERATION_TYPE | VARCHAR2 | Specifies the operation type |
OPERATION_STATUS | VARCHAR2 | Specifies the operation status |
AUDIT_SESSION | VARCHAR2 | Specifies the audit session |
ADMIN_IDENTITY | VARCHAR2 | Specifies the admin identity |
ADMIN_IP | VARCHAR2 | Specifies the admin IP |
ISE_NODE | VARCHAR2 | Specifies the ISE node |
ADMINISTRATOR_LOGINS
Gives the data about the administrator logins to the ISE
Type: View
Column name | Data Type | Column Description |
---|---|---|
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when administrator logged in |
TIMESTAMP | TIMESTAMP(6) | Time when administrator logged in |
ISE_NODE | VARCHAR2 | Hostname of ISE node |
ADMIN_NAME | VARCHAR2 | Name of the admin |
IP_ADDRESS | VARCHAR2 | IP address of the client from where the admin logged in |
IPV6_ADDRESS | VARCHAR2 | IPV6 address |
INTERFACE | VARCHAR2 | Interface used for login GUI/CLI |
ADMIN_SESSION | VARCHAR2 | admin session |
EVENT_DETAILS | VARCHAR2 | Details of the event |
EVENT | VARCHAR2 | Admin logged in or logged out |
ADMIN_USERS
This provides details of all the administrators of ISE
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | VARCHAR2 | Database unique ID |
STATUS | VARCHAR2 | Admin user is enabled or disabled |
NAME | VARCHAR2 | Name of the admin user |
DESCRIPTION | VARCHAR2 | Description |
FIRST_NAME | VARCHAR2 | First name of the admin user |
LAST_NAME | VARCHAR2 | Last name of the admin user |
EMAIL_ADDRESS | VARCHAR2 | Email address of the admin user |
ADMIN_GROUP | VARCHAR2 | Group to which admin user belongs |
AUP_ACCEPTANCE_STATUS
Track all accepted and denied AUP connections
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | NUMBER | Database unique ID |
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
MESSAGE_CODE | VARCHAR2 | Message code |
USERNAME | VARCHAR2 | User name |
IP_ADDRESS | VARCHAR2 | IP address of the endpoint |
MAC_ADDRESS | VARCHAR2 | MAC address of the endpoint |
PORTAL_NAME | VARCHAR2 | Portal name |
AUP_ACCEPTANCE | VARCHAR2 | AUP acceptance status |
FIRST_NAME | VARCHAR2 | First name of user |
LAST_NAME | VARCHAR2 | Last name of user |
IDENTITY_GROUP | VARCHAR2 | Identity group |
EMAIL_ADDRESS | VARCHAR2 | Email address of user |
PHONE_NUMBER | VARCHAR2 | Phone number of user |
COMPANY | VARCHAR2 | Company of user |
IDENTITY_STORE | VARCHAR2 | Identify store |
NAD_ADDRESS | VARCHAR2 | IP address of NAD |
NAS_IP_ADDRESS | VARCHAR2 | IP address of NAS |
USER_DETAILS | VARCHAR2 | Details of the user |
AUTHORIZATION_PROFILES
Displays all existing authorization profiles
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAME | VARCHAR2 | Name of the authorization profiles |
DESCRIPTION | VARCHAR2 | Description of the authorization profiles |
CHANGE_CONFIGURATION_AUDIT
Displays the configuration audit data
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | NUMBER | Database unique ID |
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
ISE_NODE | VARCHAR2 | Hostname of ISE node |
MESSAGE_CODE | VARCHAR2 | Message code |
ADMIN_NAME | VARCHAR2 | Name of the admin who made config change |
NAS_IP_ADDRESS | VARCHAR2 | IP address of NAD |
NAS_IPV6_ADDRESS | VARCHAR2 | IPV6 address of NAD |
INTERFACE | VARCHAR2 | Interface used for login GUI/CLI |
OBJECT_NAME | VARCHAR2 | Name of object for which config is changed |
OBJECT_TYPE | VARCHAR2 | Type of object for which config is changed |
MESSAGE_CLASS | VARCHAR2 | Message class |
EVENT | VARCHAR2 | Config change done |
REQUESTED_OPERATION | VARCHAR2 | Operation done |
OPERATION_MESSAGE_TEXT | VARCHAR2 | Operation details |
HOST_ID | VARCHAR2 | Hostname of ISE node on which change is done |
REQUEST_RESPONSE_TYPE | VARCHAR2 | Type of request response |
FAILURE_FLAG | VARCHAR2 | Failure flag |
MODIFIED_PROPERTIES | CLOB | Modified properties |
DETAILS | VARCHAR2 | Details of the event |
OBJECT_ID | VARCHAR2 | Object ID |
APPLIED_TO_ACS_INSTANCE | VARCHAR2 | ISE nodes to which change is applied |
LOCAL_MODE | NUMBER | Local mode |
COA_EVENTS
Log of change of authorization issued based on threat events received from various adapters
Type: View
Column name | Data Type | Column Description |
---|---|---|
LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
COA_EVENT_ID | VARCHAR2 | Specifies the COA event ID |
COA_STATUS | VARCHAR2 | Specifies the COA status |
CALLING_STATION_ID | VARCHAR2 | Specifies the calling station ID |
IP_ADDRESS | VARCHAR2 | Specifies the IP address |
USERNAME | VARCHAR2 | Specifies the user name |
NEW_AUTHZ_RULE | VARCHAR2 | Specifies the Network Authorization Rule |
OLD_AUTHZ_PROFILE | VARCHAR2 | Specifies the old Authorization profile |
NEW_AUTHZ_PROFILE | VARCHAR2 | Specifies the new Authorization profile |
VENDOR_NAME | VARCHAR2 | Specifies the vendor name |
INCIDENT_TYPE | VARCHAR2 | Specifies the incident type |
THREAT_EVENTS | VARCHAR2 | Specifies the threat events |
OPERATION_MESSAGE_TEXT | VARCHAR2 | Specifies the operation message text |
ENDPOINTS_DATA
Collection of all data related to endpoint that ISE collects
Type: View
Column name | Data Type | Column Description |
---|---|---|
ENDPOINT_POLICY_ID | VARCHAR2 | Specifies the unique ID of the endpoint policy used |
MATCHED_POLICY_ID | VARCHAR2 | Specifies the ID of profiling used |
NMAP_SUBNET_SCANID | NUMBER | NMAP subnet can ID of end points |
PORTAL_USER | VARCHAR2 | Specifies the portal user |
AUTH_STORE_ID | VARCHAR2 | Specifies the auth store ID |
DEVICE_REGISTRATIONS_STATUS | NUMBER | Specifies if device is registered |
REG_TIMESTAMP | NUMBER | Specifies the registered timestamp |
POSTURE_APPLICABLE | NUMBER | Specifies if Posture is Applicable |
CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time when record added |
UPDATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time when record last updated |
PROFILE_SERVER | VARCHAR2 | Specifies the ISE node that profiled the endpoint |
BYOD_REG | VARCHAR2 | Specifies the BYOD Registration status |
HOSTNAME | VARCHAR2 | Specifies the hostname of the endpoint |
VERSION | NUMBER | Specifies the version |
POSTURE_EXPIRY | VARCHAR2 | Specifies the posture expiry |
NATIVE_UDID | VARCHAR2 | Endpoint native UDID |
PHONE_ID | VARCHAR2 | Endpoint phone ID |
PHONE_ID_TYPE | VARCHAR2 | Endpoint phone ID type |
MDM_SERVER_ID | VARCHAR2 | Endpoint MDM server ID |
UNIQUE_SUBJECT_ID | VARCHAR2 | Endpoint subject ID |
MDM_GUID | VARCHAR2 | Endpoint MDM GUID |
ENDPOINT_UNIQUE_ID | VARCHAR2 | Endpoint unique ID |
ENDPOINT_ID | VARCHAR2 | Specifies the EPID of the endpoint |
PROBE_DATA | VARCHAR2 | Specifies all the probe data acquired during profiling. When using Splunk, the PROBE_DATA column may display binary-encoded data streams (compressed and non-printable characters). |
CUSTOM_ATTRIBUTES | VARCHAR2 | Specifies the custom attributes |
ID | VARCHAR2 | Database unique ID |
MAC_ADDRESS | VARCHAR2 | Specifies MAC address of the endpoint |
ENDPOINT_POLICY | VARCHAR2 | Specifies the profiling policy under which endpoint got profiled |
STATIC_ASSIGNMENT | VARCHAR2 | Specifies the endpoint static assignment status |
STATIC_GROUP_ASSIGNMENT | VARCHAR2 | Specifies if endpoint statically assigned to user identity group |
IDENTITY_GROUP_ID | VARCHAR2 | Specifies the unique ID of the User identity Group the endpoint belongs to |
ENDPOINT_IP | VARCHAR2 | Specifies the IP address of the endpoint |
ENDPOINT_POLICY_VERSION | NUMBER | The version of endpoint policy used |
MATCHED_VALUE | VARCHAR2 | Matched Certainty Factor |
The following attributes in the Endpoints_Data view are updated in real time:
- ENDPOINT_POLICY
- MATCHED_VALUE
- STATIC_ASSIGNEMENT
- STATIC_GROUP_ASSIGNMENT
- IDENTITY_GROUP_ID
- MATCHED_POLICY_ID
- NMAP_SUBNET_SCAN_ID
- PORTAL_USER
- POSTURE_APPLICABLE
- DEVICE_REG_STATUS
- BYOD_REGISTERED
- HOST_NAME
- DEVICE_IDENTIFIER
- UNIQUE_SUBJECT_ID
- EPID
- ANOMALOUS_BEHAVIOUR
- AUP_ACCEPTED
- LAST_AUP_ACCEPTED_TIMESTAMP
- MDM_MANUFACTURER
- MDM_MODEL
- MDM_PROVIDER
- MDM_SERVER_ID
- MDM_SERVER_NAME
- MDMIMEI
- PHONE_ID
- PHONE_ID_TYPE
- MDM_SERIAL_NUM
- MDM_OS_VERSION
- MDM_PHONE_NUM
- MDM_ENROLLED
- MDM_COMPLIANT
- MDM_COMPLIANT_FAILURE_REASON
- MDM_DISKENCRYPTED
- MDM_JAILBROKEN
- MDM_SERVERREACHABLE
- MDM_PINLOCKSET
- MDM_LASTCHECKIN_TIMESTAMP
- MDM_UPDATETIMESTAMP
- MDM_USER_NOTIFIED
- MDM_GUID
The other attributes will be synchronized with a delay of up to 12 hours.
ENDPOINT_IDENTITY_GROUPS
This will provide details of all the endpoint identity groups
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | VARCHAR2 | Database unique ID |
NAME | VARCHAR2 | Name |
DESCRIPTION | VARCHAR2 | Description |
CREATED_BY | VARCHAR2 | Name of the user |
CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time of creation |
UPDATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time of updating |
STATUS | VARCHAR2 | Active/Inactive |
ENDPOINT_PURGE_VIEW
Enables the user to review the history of endpoints purge activities
Type: View
Column name | Data Type | Column Description |
---|---|---|
ENDPOINT_PURGE_ID | VARCHAR2 | Endpoint purge ID |
RUN_TIME | TIMESTAMP(6) | Run time |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
PROFILER_SERVER | VARCHAR2 | Profiler server |
ENDPOINT_PURGE_RULE | VARCHAR2 | Endpoint purge rule |
ENDPOINT_COUNT | NUMBER | Number of endpoints |
ID | NUMBER | Database unique ID |
EXT_ID_SRC_ACTIVE_DIRECTORY
List of Active Directory Identity Stores
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAME | VARCHAR2 | Name of active directory |
EXT_ID_SRC_CERT_AUTH_PROFILE
List of Certificate Authentication Profiles
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAME | VARCHAR2 | Name of Certificate Authentication Profile |
DESCRIPTION | VARCHAR2 | Description of Certificate Authentication Profile |
EXT_ID_SRC_LDAP
List of LDAP Identity Sources
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAME | VARCHAR2 | Name of LDAP Identity Store |
DESCRIPTION | VARCHAR2 | Description of LDAP Identity Store |
EXT_ID_SRC_ODBC
List of ODBC Identity Sources
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAME | VARCHAR2 | Name of ODBC Identity Store |
DESCRIPTION | VARCHAR2 | Description of ODBC Identity Store |
EXT_ID_SRC_RADIUS_TOKEN
List of RADIUS Token Identity Sources
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAME | VARCHAR2 | Name of RADIUS Token Identity Sources |
DESCRIPTION | VARCHAR2 | Description of RADIUS Token Identity Sources |
EXT_ID_SRC_REST
List of REST ID Stores
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAME | VARCHAR2 | Name of REST ID store |
DESCRIPTION | VARCHAR2 | Description of REST ID store |
EXT_ID_SRC_RSA_SECURID
List of RSA SecurID Identity Sources
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAME | VARCHAR2 | Name of RSA SecurID Identity Sources |
EXT_ID_SRC_SAML_ID_PROVIDERS
List of SAML Identity Providers
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAME | VARCHAR2 | Name of SAML Identity Providers |
DESCRIPTION | VARCHAR2 | Description of SAML Identity Providers |
EXT_ID_SRC_SOCIAL_LOGIN
List of Social Login Identity Stores
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAME | VARCHAR2 | Name of Social Login Identity Store |
DESCRIPTION | VARCHAR2 | Description of Social Login Identity Store |
FAILURE_CODE_CAUSE
Provides details of various failure causes and respective codes
Type: View
Column name | Data Type | Column Description |
---|---|---|
FAILURE_CODE | VARCHAR2 | Specifies the failure code |
FAILURE_CAUSE | VARCHAR2 | Specifies the failure cause |
GUEST_ACCOUNTING
Details of all users assigned to guest identity groups appear in this report
Type: View
Column name | Data Type | Column Description |
---|---|---|
LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
IDENTITY | VARCHAR2 | Specifies the identity of the user |
TIME_SPENT | VARCHAR2 | Specifies the time spent |
LOGGED_IN | VARCHAR2 | Specifies the logged in time |
LOGGED_OUT | VARCHAR2 | Specifies the logged out time |
ENDPOINT_ID | VARCHAR2 | Specifies the endpoint ID |
IP_ADDRESS | VARCHAR2 | Specifies the IP address |
GUEST_DEVICELOGIN_AUDIT
Tracks login activity by employees at the my device portal and device related operation performed by the users in the my device portal
Type: View
Column name | Data Type | Column Description |
---|---|---|
USER_DETAILS | VARCHAR2 | Details of the user |
PORTAL_NAME | VARCHAR2 | Name of guest portal used |
DEVICE_NAME | VARCHAR2 | Name of device used |
DEVICE_DETAILS | VARCHAR2 | Details of the device |
MAC_ADDRESS | VARCHAR2 | MAC address of Device |
IP_ADDRESS | VARCHAR2 | IP address of Device |
OPERATION | VARCHAR2 | Operation that the user performed |
RESULT | VARCHAR2 | Status of the user operation |
FAILURE_REASON | VARCHAR2 | Specifies the failure reason |
AUTH_IDENTITY_STORE | VARCHAR2 | Specifies the authentication identity store |
SERVER | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
USERNAME | VARCHAR2 | User name of user |
MESSAGE_CODE | VARCHAR2 | Syslog message code |
FIRST_NAME | VARCHAR2 | First Name of user |
LAST_NAME | VARCHAR2 | Last Name of user |
IDENTITY_GROUP | VARCHAR2 | Identity group to which users belongs to |
EMAIL_ADDRESS | VARCHAR2 | Email address of the user |
PHONE_NUMBER | VARCHAR2 | Phone Number of user |
COMPANY | VARCHAR2 | Company of the user |
STATIC_ASSIGNMENT | VARCHAR2 | Specifies the endpoint static assignment status |
ENDPOINT_PROFILER_SERVER | VARCHAR2 | ISE node which profiled the endpoint |
NAD_ADDRESS | VARCHAR2 | IP address of NAD |
NAS_IP_ADDRESS | VARCHAR2 | IP address of NAS |
IDENTITY_STORE_NAME | VARCHAR2 | Specifies the name of the identity store |
IDENTITY_STORE_GUID | VARCHAR2 | ID of Identity store in which user belongs |
DESCRIPTION | VARCHAR2 | Description of user |
KEY_PERFORMANCE_METRICS
It will provides details of key performance metrics like average TPS, average load etc.,
Type: View
Column name | Data Type | Column Description |
---|---|---|
LOGGED_TIME | TIMESTAMP(6) | Time data is collected |
ISE_NODE | VARCHAR2 | ISE Node in deployment |
RADIUS_REQUESTS_HR | NUMBER | Number of radius requests per hour for selected PSN server |
LOGGED_TO_MNT_HR | NUMBER | Number of requests logged to MNT database for selected PSN server |
NOISE_HR | NUMBER | Calculated as difference between radius requests and logged to MnT per hour |
SUPPRESSION_HR | NUMBER | Calculated as percentage of Noise w.r.t. radius requests per hour for selected PSN server |
AVG_LOAD | NUMBER | Average server load for selected server |
MAX_LOAD | NUMBER | Maximum server load for selected server |
AVG_LATENCY_PER_REQ | NUMBER | Average latency per radius request for selected PSN server |
AVG_TPS | NUMBER | Average transactions per second |
LOGICAL_PROFILES
Displays all the logical profiles that exist along with their assigned policies
Type: View
Column name | Data Type | Column Description |
---|---|---|
LOGICAL_PROFILE | VARCHAR2 | Name of logical Profile |
SYSTEM_TYPE | VARCHAR2 | Type of logical profile like admin created or Cisco provided |
DESCRIPTION | VARCHAR2 | Description |
ASSIGNED_POLICIES | VARCHAR2 | Profiling policy assigned to logical profile. |
MISCONFIGURED_NAS_VIEW
Provides information about NADs with inaccurate accounting frequency typically when sending accounting information frequently
Type: View
Column name | Data Type | Column Description |
---|---|---|
MESSAGE_TEXT | VARCHAR2 | Displays the message text |
ID | NUMBER | Database unique ID |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
MESSAGE_CODE | NUMBER | Displays the message code |
NAS_IP_ADDRESS | VARCHAR2 | IP address of NAS |
CALLING_STATION_ID | VARCHAR2 | Calling station ID |
DETAIL_INFO | VARCHAR2 | Displays the detailed info |
FAILED_ATTEMPTS | VARCHAR2 | Failed attempts |
FAILED_TIMES | VARCHAR2 | Failed times |
OTHER_ATTRIBUTES | CLOB | Other attributes |
NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
FAILED_TIMES_HOURS | VARCHAR2 | Failed times in hours |
MISCONFIGURED_SUPPLICANTS_VIEW
Provides a list of mis-configured supplicants along with the statistics due to failed attempts that are performed by a specific supplicant
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAS_IP_ADDRESS | VARCHAR2 | IP address of NAS |
NAS_PORT_ID | VARCHAR2 | NAS port ID |
NAS_PORT_TYPE | VARCHAR2 | NAS port type |
SELECTED_AUTHORIZATION_PROFILES | VARCHAR2 | Authorization profile used after authentication |
POSTURE_STATUS | VARCHAR2 | Posture status |
SECURITY_GROUP | VARCHAR2 | Security group |
FAILURE_REASON | VARCHAR2 | Failure reason |
RESPONSE | VARCHAR2 | Displays the response |
EXECUTION_STEPS | VARCHAR2 | Execution steps |
OTHER_ATTRIBUTES | BLOB | Other attributes |
RESPONSE_TIME | NUMBER | Response time |
PASSED | NUMBER | Passed flag |
FAILED | NUMBER | Failed flag |
CREDENTIAL_CHECK | VARCHAR2 | Credential check |
ENDPOINT_PROFILE | VARCHAR2 | Endpoint matched profile |
MDM_SERVER_NAME | VARCHAR2 | MDM server name |
NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
MESSAGE_TEXT | VARCHAR2 | Displays the message text |
FRAMED_IPV6_ADDRESS | VARCHAR2 | Framed IPV6 address |
ID | NUMBER | Database unique ID |
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
MESSAGE_CODE | NUMBER | Displays the message code |
USERNAME | VARCHAR2 | User's claimed identity |
USER_TYPE | VARCHAR2 | User type |
CALLING_STATION_ID | VARCHAR2 | Calling station ID |
ACCESS_SERVICE | VARCHAR2 | Access service |
FRAMED_IP_ADDRESS | VARCHAR2 | Framed IP address |
IDENTITY_STORE | VARCHAR2 | Identity store |
IDENTITY_GROUP | VARCHAR2 | Identity group |
AUDIT_SESSION_ID | VARCHAR2 | Unique numeric string identifying the server session |
AUTHENTICATION_METHOD | VARCHAR2 | Authentication method |
AUTHENTICATION_PROTOCOL | VARCHAR2 | Authentication protocol |
SERVICE_TYPE | VARCHAR2 | The Type of Service the user has requested |
NETWORK_DEVICE_NAME | VARCHAR2 | Network device name |
DEVICE_TYPE | VARCHAR2 | Device type |
LOCATION | VARCHAR2 | Location |
NETWORK_ACCESS_USERS
List of all the internal users in ISE
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | VARCHAR2 | Database ID of Internal User |
STATUS | VARCHAR2 | Enabled or Disabled |
USERNAME | VARCHAR2 | Name of User |
DESCRIPTION | VARCHAR2 | Description of User |
FIRST_NAME | VARCHAR2 | First Name of User |
LAST_NAME | VARCHAR2 | Last Name of User |
EMAIL_ADDRESS | VARCHAR2 | Email Address of User |
IDENTITY_GROUP | VARCHAR2 | List of Identity Group ID to which user belongs |
IS_ADMIN | VARCHAR2 | Shows if user is admin |
ALLOW_PASSWORD_CHANGE_AFTER_LOGIN | NUMBER | Specifies if password change is allowed after login |
CURRENT_SUCCESSFUL_LOGIN_TIME | VARCHAR2 | Specifies the current successful login time |
LAST_SUCCESSFUL_LOGIN_TIME | VARCHAR2 | Specifies the last successful login time |
LAST_UNSUCCESSFUL_LOGIN_TIME | VARCHAR2 | Specifies the last unsuccessful login time |
SUCCESS_LOGIN_IPADDRESS | VARCHAR2 | Specifies the success login IP address |
FAILED_LOGIN_IPADDRESS | VARCHAR2 | Specifies the failed login IP address |
EXPIRY_DATE_ENABLED | NUMBER | Specifies the expiry date enabled |
EXPIRY_DATE | NUMBER | Specifies the expiry date |
ACCOUNT_NAME_ALIAS | VARCHAR2 | Specifies the account name alias |
PASSWORD_LAST_UPDATED_ON | NUMBER | Specifies when the password was last updated |
PASSWORD_NEVER_EXPIRES | NUMBER | Specifies if the password expired or not |
ALARM_EMAILABLE | NUMBER | Specifies if the user receives system alarms |
NETWORK_DEVICES
Gives the network device information which is configured in ISE
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | VARCHAR2 | Database unique ID |
NAME | VARCHAR2 | Name |
IP_MASK | VARCHAR2 | IP address/mask |
PROFILE_NAME | VARCHAR2 | Name of the profile |
LOCATION | VARCHAR2 | Device location |
TYPE | VARCHAR2 | Device type |
NETWORK_DEVICE_GROUPS
This provides details of all the network device groups
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | VARCHAR2 | Database unique ID |
NAME | VARCHAR2 | Name |
DESCRIPTION | VARCHAR2 | Description |
CREATED_BY | VARCHAR2 | Name of the user |
CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time of creation |
UPDATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time of updating |
ACTIVE_STATUS | VARCHAR2 | Active/Inactive |
NODE_LIST
Provide information of all the nodes of deployment
Type: View
Column name | Data Type | Column Description |
---|---|---|
HOSTNAME | VARCHAR2 | Hostname |
NODE_TYPE | VARCHAR2 | Personas enabled on the node |
GATEWAY | VARCHAR2 | Default gateway configured |
NODE_ROLE | VARCHAR2 | Standalone or multi-node |
ACTIVE_STATUS | VARCHAR2 | Active/Inactive |
REPLICATION_STATUS | VARCHAR2 | Status of replication |
PDP_SERVICES | VARCHAR2 | Services enabled on the node |
HOST_ALIAS | VARCHAR2 | FQDN |
CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time of creation of record |
UPDATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time of updating |
XGRID_ENABLED | NUMBER | PxGrid enabled status |
XGRID_PEER | VARCHAR2 | PxGrid peer |
UDI_PID | VARCHAR2 | Product Identifier |
UDI_VID | VARCHAR2 | Version Identifier |
UDI_SN | VARCHAR2 | Serial Number |
UDI_PT | VARCHAR2 | Node type virtual or physical |
PATCH_VERSION | VARCHAR2 | Patch version |
PIC_NODE | NUMBER | PIC node |
INSTALLATION_TYPE | VARCHAR2 | Installation type |
VM_INFO | VARCHAR2 | Virtual machine details |
API_NODE | NUMBER | API node |
OPENAPI_OPERATIONS
Provides details about any configuration changes or data access performed using the OpenAPI framework
Type: View
Column name | Data Type | Column Description |
---|---|---|
LOGGED_AT | TIMESTAMP(6) | Time when record logged |
MESSAGE_TEXT | VARCHAR2 | Displays the message text |
REQUEST_TIME | TIMESTAMP(6) WITH TIME ZONE | Displays the request time |
REQUEST_NAME | VARCHAR2 | Displays the request name |
HTTP_METHOD | VARCHAR2 | Displays the http method |
REQUEST_ID | VARCHAR2 | Displays the request ID |
REQUEST_BODY | VARCHAR2 | Displays the request body |
RESPONSE | VARCHAR2 | Displays the response |
HTTP_CODE | NUMBER | Displays the http code |
HTTP_STATUS | VARCHAR2 | Displays the http status |
ERROR_MESSAGE | VARCHAR2 | Displays the error if any |
SERVER | VARCHAR2 | Displays the ISE hostname |
RESPONSE_DURATION | NUMBER | Displays the response duration |
CLIENT_IP | VARCHAR2 | Displays the client IP address |
ADMINISTRATOR | VARCHAR2 | Displays the admin name |
POLICY_SETS
Provides a list of all policy sets currently configured in the system
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | VARCHAR2 | Database unique ID |
CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time when record was created |
UPDATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time when record was last updated |
POLICYSET_STATUS | VARCHAR2 | Specifies if the policy set status is active |
POLICYSET_NAME | VARCHAR2 | Specifies the policy set name |
DESCRIPTION | VARCHAR2 | Specifies the policy sets description |
POSTURE_ASSESSMENT_BY_CONDITION
The report provides details about policy condition and their status
Type: View
Column name | Data Type | Column Description |
---|---|---|
CONDITION_STATUS | VARCHAR2 | Displays the status of the condition i.e. passed, failed or skipped |
LOCATION | VARCHAR2 | Displays the network device group location |
LOGGED_AT | TIMESTAMP(6) | Specifies the time at which policy was enforced |
POLICY | VARCHAR2 | Specifies the posture policy |
POLICY_STATUS | VARCHAR2 | Displays the policy condition status |
ENFORCEMENT_NAME | VARCHAR2 | Displays the posture requirement name |
ENFORCEMENT_TYPE | VARCHAR2 | Enforcement type of the requirement i.e. mandatory, optional or audit |
ENFORCEMENT_STATUS | VARCHAR2 | Displays the status of the posture requirement enforcement |
ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
MESSAGE_CODE | VARCHAR2 | Displays the message code of the posture syslog |
REQUEST_TIME | VARCHAR2 | Displays the request time |
RESPONSE_TIME | VARCHAR2 | Displays the response time |
ENDPOINT_ID | VARCHAR2 | Endpoint MAC address |
ENDPOINT_OS | VARCHAR2 | Endpoint operating system |
POSTURE_AGENT_VERSION | VARCHAR2 | Displays the version of the posture agent |
POSTURE_STATUS | VARCHAR2 | Posture status i.e. pending, compliant, non-compliant etc |
POSTURE_POLICY_MATCHED | VARCHAR2 | Displays the posture policy matched |
POSTURE_REPORT | CLOB | Displays the posture report |
ANTI_VIRUS_INSTALLED | VARCHAR2 | Displays the installed anti-virus |
ANTI_SPYWARE_INSTALLED | VARCHAR2 | Displays the installed anti-spyware |
FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
PRA_ENFORCEMENT | NUMBER | Displays the status of periodic reassessment enforcement |
PRA_INTERVAL | NUMBER | Periodic reassessment interval configured |
PRA_ACTION | VARCHAR2 | Periodic reassessment action configured |
PRA_GRACE_TIME | VARCHAR2 | Periodic reassessment grace time configured |
IDENTITY | VARCHAR2 | Displays the user name |
SESSION_ID | VARCHAR2 | Shows the session ID |
FEED_URL | VARCHAR2 | Shows the update feed URL |
NUM_OF_UPDATES | NUMBER | Displays the number of updates |
USER_AGREEMENT_STATUS | VARCHAR2 | Displays the status of the user agreement |
SYSTEM_NAME | VARCHAR2 | Hostname of the endpoint |
SYSTEM_DOMAIN | VARCHAR2 | Displays the domain name of the endpoint |
SYSTEM_USER | VARCHAR2 | Displays the system user |
SYSTEM_USER_DOMAIN | VARCHAR2 | Displays the system user domain |
IP_ADDRESS | VARCHAR2 | IP address of the endpoint |
AM_INSTALLED | VARCHAR2 | Displays the anti-malware installed on the endpoint |
CONDITION_NAME | VARCHAR2 | Specifies the posture condition which was matched |
POSTURE_ASSESSMENT_BY_ENDPOINT
This view shows which endpoints have been subject to posture assessment and also gives the administrator the ability to view the details of each endpoint's posture assessment
Type: View
Column name | Data Type | Column Description |
---|---|---|
SYSTEM_DOMAIN | VARCHAR2 | Displays the domain name of the endpoint |
SYSTEM_USER | VARCHAR2 | Displays the system user |
SYSTEM_USER_DOMAIN | VARCHAR2 | Displays the system user domain |
IP_ADDRESS | VARCHAR2 | IP address of the endpoint |
PRA_GRACE_TIME | VARCHAR2 | Periodic reassessment grace time configured |
NAD_LOCATION | VARCHAR2 | Location of NAD |
AM_INSTALLED | VARCHAR2 | Displays the anti-malware installed on the endpoint |
MESSAGE_TEXT | VARCHAR2 | Displays the message text |
ID | NUMBER | Database unique ID |
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
ISE_NODE | VARCHAR2 | Hostname of ISE node |
MESSAGE_CODE | VARCHAR2 | Displays the message code of the posture syslog |
REQUEST_TIME | VARCHAR2 | Displays the request time |
RESPONSE_TIME | VARCHAR2 | Displays the response time |
ENDPOINT_MAC_ADDRESS | VARCHAR2 | MAC address of the endpoint |
ENDPOINT_OPERATING_SYSTEM | VARCHAR2 | Operating system of the endpoint |
POSTURE_AGENT_VERSION | VARCHAR2 | Displays the version of the posture agent |
POSTURE_STATUS | VARCHAR2 | Posture status i.e. pending, compliant, non-compliant etc |
POSTURE_POLICY_MATCHED | VARCHAR2 | Displays the posture policy matched |
POSTURE_REPORT | CLOB | Displays the posture report |
ANTI_VIRUS_INSTALLED | VARCHAR2 | Displays the installed anti-virus |
ANTI_SPYWARE_INSTALLED | VARCHAR2 | Displays the installed anti-spyware |
FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
PRA_ENFORCEMENT_FLAG | NUMBER | Displays the status of periodic reassessment enforcement |
PRA_INTERVAL | NUMBER | Periodic reassessment interval configured |
PRA_ACTION | VARCHAR2 | Periodic reassessment action configured |
USERNAME | VARCHAR2 | Displays the username |
SESSION_ID | VARCHAR2 | Shows the session ID |
FEED_URL | VARCHAR2 | Shows the update feed URL |
NUM_OF_UPDATES | NUMBER | Number of updates |
USER_AGREEMENT_STATUS | VARCHAR2 | Displays the status of the user agreement |
SYSTEM_NAME | VARCHAR2 | Hostname of the endpoint |
POSTURE_GRACE_PERIOD
Lists the MAC address and the posture grace period expiration
Type: View
Column name | Data Type | Column Description |
---|---|---|
MAC_LIST | VARCHAR2 | Specifies the list of MAC address |
LAST_GRACE_EXPIRY | VARCHAR2 | Specifies the posture grace period expiration time |
POSTURE_SCRIPT_CONDITION
Provides execution status for each requirement that uses script condition.
Type: View
Column name | Data Type | Column Description |
---|---|---|
LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
ISE_NODE | VARCHAR2 | The name of the ISE Node |
STATUS | VARCHAR2 | The execution status of the condition |
POLICY_NAME | VARCHAR2 | The name of the policy being applied |
REQUIREMENT_NAME | VARCHAR2 | The name of the requirement |
SESSION_ID | VARCHAR2 | The Session ID |
ENDPOINT_ID | VARCHAR2 | The Endpoint ID |
UDID | VARCHAR2 | The UDID |
CONDITION_NAME | VARCHAR2 | The name of the condition |
POSTURE_SCRIPT_REMEDIATION
Provides execution status for each requirement that uses script remediation.
Type: View
Column name | Data Type | Column Description |
---|---|---|
LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
ISE_NODE | VARCHAR2 | The name of the ISE Node |
STATUS | VARCHAR2 | The execution status of the remediation |
POLICY_NAME | VARCHAR2 | The name of the policy being applied |
REQUIREMENT_NAME | VARCHAR2 | The name of the requirement |
SESSION_ID | VARCHAR2 | The Session ID |
ENDPOINT_ID | VARCHAR2 | The Endpoint ID |
UDID | VARCHAR2 | The UDID |
PRIMARY_GUEST
The Primary Guest report combines data from various guest reports into a single view. This report collects all guest activity and provides details about the website guest users visit
Type: View
Column name | Data Type | Column Description |
---|---|---|
DETAILS | VARCHAR2 | Specifies the details |
PORTAL_NAME | VARCHAR2 | Specifies the portal name |
RESULT | VARCHAR2 | Specifies the result |
SPONSOR_FIRST_NAME | VARCHAR2 | Specifies the sponsor first name |
SPONSOR_LAST_NAME | VARCHAR2 | Specifies the sponsor last name |
IDENTITY_GROUP | VARCHAR2 | Specifies the identity group to which user belongs |
SPONSOR_EMAIL_ADDRESS | VARCHAR2 | Specifies the sponsor email address |
SPONSOR_PHONE_NUMBER | VARCHAR2 | Specifies the sponsor phone number |
SPONSOR_COMPANY | VARCHAR2 | Specifies the sponsor company |
GUEST_LAST_NAME | VARCHAR2 | Specifies the guest last name |
GUEST_FIRST_NAME | VARCHAR2 | Specifies the guest first name |
GUEST_EMAIL_ADDRESS | VARCHAR2 | Specifies the guest email address |
GUEST_PHONE_NUMBER | VARCHAR2 | Specifies the guest phone number |
GUEST_COMPANY | VARCHAR2 | Specifies the guest company |
GUEST_STATUS | VARCHAR2 | Specifies the guest status |
GUEST_TYPE | VARCHAR2 | Specifies the guest type |
VALID_DAYS | VARCHAR2 | Specifies the number of days guest user is valid |
FROM_DATE | VARCHAR2 | Specifies the start date of the guest user |
TO_DATE | VARCHAR2 | Specifies the end date of the guest user |
LOCATION | VARCHAR2 | Specifies the location of the guest user |
SSID | VARCHAR2 | Specifies the SSID of guest user |
GROUP_TAG | VARCHAR2 | Specifies the group tag of guest user |
GUEST_PERSON_VISITED | VARCHAR2 | Specifies the guest person visited |
GUEST_REASON_FOR_VISIT | VARCHAR2 | Specifies the guest reason for visit |
NAS_IP_ADDRESS | VARCHAR2 | Specifies the NAS IP address |
USER_LINK | CHAR | Specifies the user link |
GUEST_LINK | CHAR | Specifies the guest link |
FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
TIME_SPENT | VARCHAR2 | Specifies the time spent |
LOGGED_IN | VARCHAR2 | Specifies when logged in |
LOGGED_OUT | VARCHAR2 | Specifies when logged out |
OPTIONAL_DATA | VARCHAR2 | Specifies the optional data |
IDENTITY_STORE | VARCHAR2 | Specifies the identity store to which the user belongs |
NAD_ADDRESS | VARCHAR2 | Specifies the NAD address |
SERVER | VARCHAR2 | Specifies the ISE node |
SPONSOR_USER_DETAILS | VARCHAR2 | Specifies the sponsor user details |
GUEST_USER_DETAILS | VARCHAR2 | Specifies the guest user details |
MAC_ADDRESS | VARCHAR2 | Specifies the MAC address |
IP_ADDRESS | VARCHAR2 | Specifies the IP address |
SPONSOR_USERNAME | VARCHAR2 | Specifies the sponsor user name |
GUEST_USERNAME | VARCHAR2 | Specifies the guest user name |
GUEST_USERS | CLOB | Specifies the guest users |
OPERATION | VARCHAR2 | Specifies the operation |
AUP_ACCEPTANCE | VARCHAR2 | Specifies the AUP acceptance |
LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was stored |
MESSAGE | VARCHAR2 | Message for guest |
PROFILED_ENDPOINTS_SUMMARY
Displays profiling details about endpoints that are accessing the network
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | NUMBER | Database unique ID |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
ENDPOINT_ID | VARCHAR2 | Endpoint ID |
ENDPOINT_PROFILE | VARCHAR2 | Endpoint profile |
SOURCE | VARCHAR2 | Source name |
HOST | VARCHAR2 | Host name |
ENDPOINT_ACTION_NAME | VARCHAR2 | Endpoint action name |
MESSAGE_CODE | VARCHAR2 | Message code |
IDENTITY_GROUP | VARCHAR2 | Identity group name |
PROFILING_POLICIES
List and details of all endpoint profiles present on ISE
Type: View
Column name | Data Type | Column Description |
---|---|---|
PROFILING_POLICY_NAME | VARCHAR2 | Name of Profiling Policy |
DESCRIPTION | VARCHAR2 | Description of Profiling Policy |
PXGRID_DIRECT_DATA
Provides the details of the connector and the data it retrieves.
Type: View
Column name | Data Type | Column Description |
---|---|---|
EDDA_ID | VARCHAR2 | The unique identifier as specified in the connector configuration |
CONNECTOR_TYPE | VARCHAR2 | The connector type as specified in the connector configuration |
CREATE_TIME | VARCHAR2 | The time when record created |
BULK_ID | VARCHAR2 | The Bulk ID |
VERSION | VARCHAR2 | The connector version |
VERSION_TYPE | VARCHAR2 | The connector version type |
NAME | VARCHAR2 | The connector name |
DATA | VARCHAR2 | The data parsed by the connector in JSON format |
RADIUS_ACCOUNTING
This provides details of all the radius accounting records
Type: View
Column name | Data Type | Column Description |
---|---|---|
TIMESTAMP | TIMESTAMP(6) | Time when record added |
VN | VARCHAR2 | Information of Virtual Network |
AUTHORIZATION_POLICY | VARCHAR2 | Authorization policy |
FAILURE_REASON | VARCHAR2 | Failure reason |
SECURITY_GROUP | VARCHAR2 | Security group |
CISCO_H323_SETUP_TIME | TIMESTAMP(6) | Cisco H323 setup time |
CISCO_H323_CONNECT_TIME | TIMESTAMP(6) | Cisco H323 connect time |
CISCO_H323_DISCONNECT_TIME | TIMESTAMP(6) | Cisco H323 disconnect time |
RESPONSE_TIME | NUMBER | Response time |
STARTED | NUMBER | Started |
STOPPED | NUMBER | Stopped |
NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
FRAMED_IPV6_ADDRESS | VARCHAR2 | FRAMED IPV6 address |
ID | NUMBER | Database unique ID |
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
ISE_NODE | VARCHAR2 | ISE node |
SYSLOG_MESSAGE_CODE | VARCHAR2 | Message code |
SESSION_ID | VARCHAR2 | Session ID |
USERNAME | VARCHAR2 | User's claimed identity |
USER_TYPE | VARCHAR2 | User type |
CALLING_STATION_ID | VARCHAR2 | Calling station ID |
ACCT_SESSION_ID | VARCHAR2 | Unique numeric string identifying the server session |
ACCT_STATUS_TYPE | VARCHAR2 | Specifies whether accounting packet starts or stops a bridging, routing, or terminal server session. |
ACCT_SESSION_TIME | NUMBER | Length of time (in seconds) for which the session has been logged in |
SERVICE_TYPE | VARCHAR2 | The Type of Service the user has requested |
FRAMED_PROTOCOL | VARCHAR2 | Framed protocol |
ACCT_INPUT_OCTETS | VARCHAR2 | Number of octets received during the session |
ACCT_OUTPUT_OCTETS | VARCHAR2 | Number of octets sent during the session |
ACCT_INPUT_PACKETS | NUMBER | Number of packets received during the session |
ACCT_OUTPUT_PACKETS | NUMBER | Number of octets sent during the session |
FRAMED_IP_ADDRESS | VARCHAR2 | Framed IP address |
NAS_PORT | VARCHAR2 | Physical port number of the NAS (Network Access Server) originating the request |
NAS_IP_ADDRESS | VARCHAR2 | The IP address of the NAS originating the request |
ACCT_TERMINATE_CAUSE | VARCHAR2 | Reason a connection was terminated |
ACCESS_SERVICE | VARCHAR2 | Access service |
AUDIT_SESSION_ID | VARCHAR2 | Audit session ID |
ACCT_MULTI_SESSION_ID | VARCHAR2 | Multi session ID |
ACCT_AUTHENTIC | VARCHAR2 | Authentication |
TERMINATION_ACTION | VARCHAR2 | 0 Default 1 RADIUS-Request |
SESSION_TIMEOUT | VARCHAR2 | Session timeout |
IDLE_TIMEOUT | VARCHAR2 | Idle timeout |
ACCT_INTERIM_INTERVAL | VARCHAR2 | Number of seconds between each transmittal of an interim update for a specific session |
ACCT_DELAY_TIME | VARCHAR2 | Length of time (in seconds) for which the NAS has been sending the same accounting packet |
EVENT_TIMESTAMP | VARCHAR2 | The date and time that this event occurred on the NAS |
NAS_IDENTIFIER | VARCHAR2 | NAS ID |
NAS_PORT_ID | VARCHAR2 | NAS port ID |
ACCT_TUNNEL_CONNECTION | VARCHAR2 | Tunnel connection |
ACCT_TUNNEL_PACKET_LOST | VARCHAR2 | Packet lost |
DEVICE_NAME | VARCHAR2 | Network device name |
DEVICE_GROUPS | VARCHAR2 | Network device group |
SERVICE_SELECTION_POLICY | VARCHAR2 | Service selection policy |
IDENTITY_STORE | VARCHAR2 | Identity store |
AD_DOMAIN | VARCHAR2 | AD domain |
IDENTITY_GROUP | VARCHAR2 | Identity group |
RADIUS_ACCOUNTING_WEEK
This is performance oriented view which contains all the radius accounting records for the last seven days
Type: View
Column name | Data Type | Column Description |
---|---|---|
VN | VARCHAR2 | Information of Virtual Network |
ACCT_SESSION_ID | VARCHAR2 | Unique numeric string identifying the server session |
ACCT_STATUS_TYPE | VARCHAR2 | Specifies whether accounting packet starts or stops a bridging, routing, or terminal server session. |
ACCT_SESSION_TIME | NUMBER | Length of time (in seconds) for which the session has been logged in |
SERVICE_TYPE | VARCHAR2 | The Type of Service the user has requested |
FRAMED_PROTOCOL | VARCHAR2 | Framed protocol |
ACCT_INPUT_OCTETS | VARCHAR2 | Number of octets received during the session |
ACCT_OUTPUT_OCTETS | VARCHAR2 | Number of octets sent during the session |
ACCT_INPUT_PACKETS | NUMBER | Number of packets received during the session |
ACCT_OUTPUT_PACKETS | NUMBER | Number of octets sent during the session |
FRAMED_IP_ADDRESS | VARCHAR2 | Framed IP address |
NAS_PORT | VARCHAR2 | Physical port number of the NAS (Network Access Server) originating the request |
NAS_IP_ADDRESS | VARCHAR2 | The IP address of the NAS originating the request |
ACCT_TERMINATE_CAUSE | VARCHAR2 | Reason a connection was terminated |
ACCESS_SERVICE | VARCHAR2 | Access service |
AUDIT_SESSION_ID | VARCHAR2 | Audit session ID |
ACCT_MULTI_SESSION_ID | VARCHAR2 | Multi session ID |
ACCT_AUTHENTIC | VARCHAR2 | Authentication |
TERMINATION_ACTION | VARCHAR2 | 0 Default 1 RADIUS-Request |
SESSION_TIMEOUT | VARCHAR2 | Session timeout |
IDLE_TIMEOUT | VARCHAR2 | Idle timeout |
ACCT_INTERIM_INTERVAL | VARCHAR2 | Number of seconds between each transmittal of an interim update for a specific session |
ACCT_DELAY_TIME | VARCHAR2 | Length of time (in seconds) for which the NAS has been sending the same accounting packet |
EVENT_TIMESTAMP | VARCHAR2 | The date and time that this event occurred on the NAS |
NAS_IDENTIFIER | VARCHAR2 | NAS ID |
NAS_PORT_ID | VARCHAR2 | NAS port ID |
ACCT_TUNNEL_CONNECTION | VARCHAR2 | Tunnel connection |
ACCT_TUNNEL_PACKET_LOST | VARCHAR2 | Packet lost |
DEVICE_NAME | VARCHAR2 | Network device name |
DEVICE_GROUPS | VARCHAR2 | Network device group |
SERVICE_SELECTION_POLICY | VARCHAR2 | Service selection policy |
IDENTITY_STORE | VARCHAR2 | Identity store |
AD_DOMAIN | VARCHAR2 | AD domain |
IDENTITY_GROUP | VARCHAR2 | Identity group |
AUTHORIZATION_POLICY | VARCHAR2 | Displays the authorization policy matched |
FAILURE_REASON | VARCHAR2 | Failure reason |
SECURITY_GROUP | VARCHAR2 | Security group |
CISCO_H323_SETUP_TIME | TIMESTAMP(6) | Cisco H323 setup time |
CISCO_H323_CONNECT_TIME | TIMESTAMP(6) | Cisco H323 connect time |
CISCO_H323_DISCONNECT_TIME | TIMESTAMP(6) | Cisco H323 disconnect time |
RESPONSE_TIME | NUMBER | Response time |
STARTED | NUMBER | Started |
STOPPED | NUMBER | Stopped |
NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
FRAMED_IPV6_ADDRESS | VARCHAR2 | Framed IPV6 address |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
ID | NUMBER | Database unique ID |
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
ISE_NODE | VARCHAR2 | ISE node |
SYSLOG_MESSAGE_CODE | VARCHAR2 | Message code |
SESSION_ID | VARCHAR2 | Established ISE session ID |
USERNAME | VARCHAR2 | User's claimed identity |
USER_TYPE | VARCHAR2 | User type |
CALLING_STATION_ID | VARCHAR2 | Calling station ID |
RADIUS_AUTHENTICATIONS
This provides details of all the radius authentication records
Type: View
Column name | Data Type | Column Description |
---|---|---|
ORIG_CALLING_STATION_ID | VARCHAR2 | Calling station ID |
CHECKSUM | VARCHAR2 | Checksum |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
ID | NUMBER | Database unique ID |
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
ISE_NODE | VARCHAR2 | ISE node |
SYSLOG_MESSAGE_CODE | NUMBER | Message code |
USERNAME | VARCHAR2 | User's claimed identity |
USER_TYPE | VARCHAR2 | User type |
CALLING_STATION_ID | VARCHAR2 | Calling station ID |
ACCESS_SERVICE | VARCHAR2 | Access service |
FRAMED_IP_ADDRESS | VARCHAR2 | Framed IP address of user |
IDENTITY_STORE | VARCHAR2 | Identity store of user |
IDENTITY_GROUP | VARCHAR2 | User identity group |
AUDIT_SESSION_ID | VARCHAR2 | Audit session ID |
AUTHENTICATION_METHOD | VARCHAR2 | Method of authentication |
AUTHENTICATION_PROTOCOL | VARCHAR2 | Protocol of authentication |
SERVICE_TYPE | VARCHAR2 | The Type of Service the user has requested |
DEVICE_NAME | VARCHAR2 | Network device name |
DEVICE_TYPE | VARCHAR2 | Network device type |
LOCATION | VARCHAR2 | Network device location |
NAS_IP_ADDRESS | VARCHAR2 | The IP address of the NAS originating the request |
NAS_PORT_ID | VARCHAR2 | Physical port number of the NAS (Network Access Server) originating the request |
NAS_PORT_TYPE | VARCHAR2 | NAS port type |
AUTHORIZATION_PROFILES | VARCHAR2 | Authorization profiles |
POSTURE_STATUS | VARCHAR2 | Posture status |
SECURITY_GROUP | VARCHAR2 | Security group |
FAILURE_REASON | VARCHAR2 | Reason of failure |
RESPONSE_TIME | NUMBER | Response time |
PASSED | VARCHAR2 | Passed flag |
FAILED | NUMBER | Failed flag |
CREDENTIAL_CHECK | VARCHAR2 | Credential check |
ENDPOINT_PROFILE | VARCHAR2 | Endpoint matched profile |
MDM_SERVER_NAME | VARCHAR2 | MDM server name |
POLICY_SET_NAME | VARCHAR2 | Policy set name |
AUTHORIZATION_RULE | VARCHAR2 | Authorization rule |
NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
FRAMED_IPV6_ADDRESS | VARCHAR2 | Framed ipv6 address |
RADIUS_AUTHENTICATIONS_WEEK
This is performance oriented view which contains all the radius authentication records for the last seven days
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | NUMBER | Database unique ID |
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
ISE_NODE | VARCHAR2 | ISE node |
SYSLOG_MESSAGE_CODE | NUMBER | Message code |
USERNAME | VARCHAR2 | User's claimed identity |
USER_TYPE | VARCHAR2 | User type |
CALLING_STATION_ID | VARCHAR2 | Calling station ID |
ACCESS_SERVICE | VARCHAR2 | Access service |
FRAMED_IP_ADDRESS | VARCHAR2 | Framed IP address of user |
IDENTITY_STORE | VARCHAR2 | Identity store of user |
IDENTITY_GROUP | VARCHAR2 | User identity group |
AUDIT_SESSION_ID | VARCHAR2 | Audit session ID |
AUTHENTICATION_METHOD | VARCHAR2 | Method of authentication |
AUTHENTICATION_PROTOCOL | VARCHAR2 | Protocol of authentication |
SERVICE_TYPE | VARCHAR2 | The Type of Service the user has requested |
DEVICE_NAME | VARCHAR2 | Network device name |
DEVICE_TYPE | VARCHAR2 | Network device type |
LOCATION | VARCHAR2 | Network device location |
NAS_IP_ADDRESS | VARCHAR2 | The IP address of the NAS originating the request |
NAS_PORT_ID | VARCHAR2 | Physical port number of the NAS (Network Access Server) originating the request |
NAS_PORT_TYPE | VARCHAR2 | NAS port type |
AUTHORIZATION_PROFILES | VARCHAR2 | Authorization profiles |
POSTURE_STATUS | VARCHAR2 | Posture status |
SECURITY_GROUP | VARCHAR2 | Security group |
FAILURE_REASON | VARCHAR2 | Reason of failure |
RESPONSE_TIME | NUMBER | Response time |
PASSED | NUMBER | Passed flag |
FAILED | NUMBER | Failed flag |
CREDENTIAL_CHECK | VARCHAR2 | Credential check |
ENDPOINT_PROFILE | VARCHAR2 | Endpoint matched profile |
MDM_SERVER_NAME | VARCHAR2 | MDM server name |
POLICY_SET_NAME | VARCHAR2 | Policy set name |
AUTHORIZATION_RULE | VARCHAR2 | Authorization rule |
NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
FRAMED_IPV6_ADDRESS | VARCHAR2 | Framed ipv6 address |
ORIG_CALLING_STATION_ID | VARCHAR2 | Calling station ID |
CHECKSUM | VARCHAR2 | Checksum |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
AUTHENTICATION_POLICY | VARCHAR2 | Displays the authentication policy matched |
AUTHORIZATION_POLICY | VARCHAR2 | Displays the authorization policy matched |
NAD_PROFILE_NAME | VARCHAR2 | Displays the network device profile |
RADIUS_AUTHENTICATION_SUMMARY
Displays an aggregate view of RADIUS authentications.
Type: View
Column name | Data Type | Column Description |
---|---|---|
TIMESTAMP | TIMESTAMP(6) | Time when record added |
ISE_NODE | VARCHAR2 | Name of the ISE server used for authentication |
USERNAME | VARCHAR2 | User name |
CALLING_STATION_ID | VARCHAR2 | Mac address of the device the user is using |
IDENTITY_STORE | VARCHAR2 | The Identity Store to which the user authenticated belongs to. Example - Internal Endpoints |
IDENTITY_GROUP | VARCHAR2 | The Identity Group to which the user belongs to. Example - Windows11-Workstation |
DEVICE_NAME | VARCHAR2 | The name of the network device used by the user to access network. Example - 9800CLWLC, Access-Switch-3K, 9800VWLC etc. |
DEVICE_TYPE | VARCHAR2 | The type of the network device used by the user to access network. Example - Wireless - IEEE 802.11 |
LOCATION | VARCHAR2 | The location hierarchy of the the network device. Example - All Locations#My-Territory#US#Sanjose#BLDG5 |
ACCESS_SERVICE | VARCHAR2 | The protocol used for authentication. Example - NDAC_SGT_Service, Default Network Access |
NAS_PORT_ID | VARCHAR2 | ID of the NAD Port used. Example - GigabitEthernet1/0/14 |
AUTHORIZATION_PROFILES | VARCHAR2 | The authorization profile applied. Example - PermitAccess, Machine-Access |
FAILURE_REASON | VARCHAR2 | Reason for the failure, in case authentication was not successful |
SECURITY_GROUP | VARCHAR2 | The security group classification of the device i.e the source SGT. Example - TrustedDevices, Quarantined_Systems |
TOTAL_RESPONSE_TIME | NUMBER | The total response time required for authentication |
MAX_RESPONSE_TIME | NUMBER | The maximum response time required for authentication |
PASSED_COUNT | NUMBER | The number of passed authentication |
FAILED_COUNT | NUMBER | Number of failed authentication |
RADIUS_ERRORS_VIEW
Enables you to check for RADIUS Requests Dropped, EAP connection time outs and unknown NADs
Type: View
Column name | Data Type | Column Description |
---|---|---|
RESPONSE | VARCHAR2 | Displays the response |
EXECUTION_STEPS | VARCHAR2 | Execution steps |
OTHER_ATTRIBUTES | BLOB | Other attributes |
AUTHENTICATION_POLICY | VARCHAR2 | Authentication policy |
AUTHORIZATION_POLICY | VARCHAR2 | Authorization policy |
OTHER_ATTRIBUTES_STRING | CLOB | Other attributes |
RESPONSE_TIME | NUMBER | Response time |
PASSED | VARCHAR2 | Passed flag |
FAILED | NUMBER | Failed flag |
CREDENTIAL_CHECK | VARCHAR2 | Credential check |
ENDPOINT_PROFILE | VARCHAR2 | Endpoint matched profile |
MDM_SERVER_NAME | VARCHAR2 | MDM server name |
NAS_IPV6_ADDRESS | VARCHAR2 | NAS IPV6 address |
FRAMED_IPV6_ADDRESS | VARCHAR2 | Framed IPV6 address |
ID | NUMBER | Database unique ID |
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
MESSAGE_CODE | NUMBER | Displays the message code |
MESSAGE_TEXT | VARCHAR2 | Message text |
USERNAME | VARCHAR2 | User's claimed identity |
USER_TYPE | VARCHAR2 | User type |
CALLING_STATION_ID | VARCHAR2 | Calling station ID |
ACCESS_SERVICE | VARCHAR2 | Access service |
FRAMED_IP_ADDRESS | VARCHAR2 | Framed IP address |
IDENTITY_STORE | VARCHAR2 | Identity store |
IDENTITY_GROUP | VARCHAR2 | Identity group |
AUDIT_SESSION_ID | VARCHAR2 | Unique numeric string identifying the server session |
AUTHENTICATION_METHOD | VARCHAR2 | Authentication method |
AUTHENTICATION_PROTOCOL | VARCHAR2 | Authentication protocol |
SERVICE_TYPE | VARCHAR2 | The Type of Service the user has requested |
NETWORK_DEVICE_NAME | VARCHAR2 | Network device name |
DEVICE_TYPE | VARCHAR2 | Device type |
LOCATION | VARCHAR2 | Location |
NAS_IP_ADDRESS | VARCHAR2 | IP address of NAS |
NAS_PORT_ID | VARCHAR2 | NAS port ID |
NAS_PORT_TYPE | VARCHAR2 | NAS port type |
SELECTED_AUTHORIZATION_PROFILES | VARCHAR2 | Authorization profile used after authentication |
POSTURE_STATUS | VARCHAR2 | Posture status |
SECURITY_GROUP | VARCHAR2 | Security group |
FAILURE_REASON | VARCHAR2 | Failure reason |
REGISTERED_ENDPOINTS
Displays all personal devices registered by the employees
Type: View
Column name | Data Type | Column Description |
---|---|---|
ENDPOINT_ID | VARCHAR2 | Specifies the MAC address of endpoint |
ENDPOINT_PROFILE | VARCHAR2 | Specifies the profiling policy under which endpoint got profiled |
ENDPOINT_STATIC_ASSIGNMENT | VARCHAR2 | Specifies the endpoint static assignment status |
STATIC_ASSIGNMENT_GROUP | VARCHAR2 | Specifies If endpoint statically assigned to user identity group |
NMAP_SUBNET_SCANID | NUMBER | NMAP subnet of registered end points |
CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | Time when record was created |
LOGGED_AT | TIMESTAMP(6) WITH TIME ZONE | Time when the record was last updated |
IDENTITY | VARCHAR2 | Specifies the portal user |
DEVICE_REGISTRATION_STATUS | VARCHAR2 | Specifies if device is registered |
IDENTITY_GROUP | VARCHAR2 | Specifies the identity group |
SERVER | VARCHAR2 | Specifies the ISE node |
SECURITY_GROUPS
List and details of security groups
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAME | VARCHAR2 | Specified the name of the security group |
SGT_DEC | NUMBER | Specifies the Security Group Tag in decimal |
SGT_HEX | VARCHAR2 | Specifies the Security Group Tag in hexadecimal |
DESCRIPTION | VARCHAR2 | Describes the security group |
LEARNED_FROM | VARCHAR2 | Specifies where learned from |
SECURITY_GROUP_ACLS
List and details of Security group ACLs
Type: View
Column name | Data Type | Column Description |
---|---|---|
NAME | VARCHAR2 | Name of the Security group ACL |
DESCRIPTION | VARCHAR2 | Description of the security group ACL |
IP_VERSION | VARCHAR2 | Specifies the IP version (ipv4 or ipv6) |
SPONSOR_LOGIN_AND_AUDIT
Tracks login activity by sponsor at the sponsor portal and guest related operation performed by sponsor
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | NUMBER | Database unique ID |
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
SPONSER_USER_NAME | VARCHAR2 | User name of sponsor |
IP_ADDRESS | VARCHAR2 | IP address |
MAC_ADDRESS | VARCHAR2 | MAC address |
PORTAL_NAME | VARCHAR2 | Portal name |
RESULT | VARCHAR2 | Result |
IDENTITY_STORE | VARCHAR2 | Identity store |
OPERATION | VARCHAR2 | Operation |
GUEST_USERNAME | VARCHAR2 | User name of guest |
GUEST_STATUS | VARCHAR2 | Status of guest |
FAILURE_REASON | VARCHAR2 | Reason of failure |
OPTIONAL_DATA | VARCHAR2 | Optional data |
PSN_HOSTNAME | VARCHAR2 | Hostname of PSN |
USER_DETAILS | VARCHAR2 | Details of user |
GUEST_DETAILS | VARCHAR2 | Details of guest |
GUEST_USERS | CLOB | Guest users |
SYSTEM_DIAGNOSTICS_VIEW
Provides details about the status of the Cisco ISE nodes. If a Cisco ISE node is unable to register, you can review this report to troubleshoot the issue
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | NUMBER | Database unique ID |
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
MESSAGE_SEVERITY | VARCHAR2 | Displays the severity of message |
MESSAGE_CODE | VARCHAR2 | Displays the message code |
MESSAGE_TEXT | VARCHAR2 | Displays the message text |
CATEGORY | VARCHAR2 | Displays the category |
DIAGNOSTIC_INFO | VARCHAR2 | Displays the diagnostic info |
SYSTEM_SUMMARY
Displays system health information like CPU utilization , storage utilization , number of CPU etc
Type: View
Column name | Data Type | Column Description |
---|---|---|
TIMESTAMP | TIMESTAMP(6) | Time when record made |
ISE_NODE | VARCHAR2 | Name of ISE node |
CPU_UTILIZATION | NUMBER | Specifies the CPU utilization in percentage |
CPU_COUNT | NUMBER | Specifies the number of CPU cores |
MEMORY_UTILIZATION | NUMBER | Specifies the percentage of memory utilization |
DISKSPACE_ROOT | NUMBER | Specifies the percentage of storage utilized in root folder |
DISKSPACE_BOOT | NUMBER | Specifies the percentage of storage utilized in boot folder |
DISKSPACE_OPT | NUMBER | Specifies the percentage of storage utilized in opt folder |
DISKSPACE_STOREDCONFIG | NUMBER | Specifies the percentage of storage utilized in storedconfig folder |
DISKSPACE_TMP | NUMBER | Specifies the percentage of storage utilized in tmp folder |
DISKSPACE_RUNTIME | NUMBER | Specifies the percentage of storage utilized in runtime |
TACACS_ACCOUNTING
This view contains details of TACACS accounting records
Type: View
Column name | Data Type | Column Description |
---|---|---|
REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
ID | NUMBER | Database record primary key for the table |
USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
IDENTITY_GROUP | VARCHAR2 | Identity group to which users belongs to |
GENERATED_TIME | VARCHAR2 | Shows the syslog generation time based on when a particular event was triggered |
LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication service |
AUTHENTICATION_METHOD | VARCHAR2 | Protocol used for authentication |
AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the Authentication Privilege Level |
ATTRIBUTES | VARCHAR2 | Specifies the attributes |
MESSAGE_TEXT | VARCHAR2 | Specifies the message text |
EXECUTION_STEPS | VARCHAR2 | Specifies the execution steps |
AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
STATUS | VARCHAR2 | Shows if the status is pass or failed |
MESSAGE_CODE | NUMBER | Syslog message code |
COMMAND | VARCHAR2 | Specifies the command |
COMMAND_ARGS | VARCHAR2 | Specifies the command arguments |
DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
ACCOUNTING_TYPE | VARCHAR2 | Specifies the accounting type |
DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
EPOCH_TIME | NUMBER | Specifies the unix epoch time |
FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
EVENT | VARCHAR2 | Specifies the event like Accounting |
DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
DEVICE_GROUPS | VARCHAR2 | To which network device group the AAA client belongs to |
DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
TACACS_ACCOUNTING_LAST_TWO_DAYS
This is performance oriented view which contains all the TACACS accounting records for the last two days
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | NUMBER | Database record primary key for the table |
USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
IDENTITY_GROUP | VARCHAR2 | Identity group to which users belongs to |
GENERATED_TIME | TIMESTAMP(6) WITH TIME ZONE | Shows the syslog generation time based on when a particular event was triggered |
LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication service |
AUTHENTICATION_METHOD | VARCHAR2 | Protocol used for authentication |
AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the authentication privilege level |
AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
STATUS | VARCHAR2 | Shows if the status is pass or failed |
MESSAGE_CODE | NUMBER | Syslog message code |
COMMAND | VARCHAR2 | Specifies the command |
COMMAND_ARGS | VARCHAR2 | Specifies the command arguments |
DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
ACCOUNTING_TYPE | VARCHAR2 | Specifies the accounting type |
DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
EPOCH_TIME | NUMBER | Specifies the unix epoch time |
FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
EVENT | VARCHAR2 | Specifies the event like Accounting |
DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
DEVICE_GROUPS | VARCHAR2 | To which network device group the AAA client belongs to |
DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
TACACS_AUTHENTICATION
This provides details of all the TACACS authentication records
Type: View
Column name | Data Type | Column Description |
---|---|---|
REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
SELECTED_AUTHORIZATION_PROFILE | VARCHAR2 | Authorization profile used after authentication |
DESTINATION_IP_ADDRESS | VARCHAR2 | Specifies the destination IP address |
STATUS | VARCHAR2 | Shows if the authentication succeeded or failed |
DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
IDENTITY_STORE | VARCHAR2 | Identity store to which users belongs to |
DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
EPOCH_TIME | NUMBER | Specifies the unix epoch time |
ID | NUMBER | Database record primary key for the table |
GENERATED_TIME | VARCHAR2 | Shows the syslog generation time based on when a particular event was triggered |
LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
MESSAGE_CODE | NUMBER | Syslog message code |
USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
AUTHENTICATION_POLICY | VARCHAR2 | Specifies the authentication policy |
AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the Authentication Privilege Level |
ATTRIBUTES | BLOB | Specifies the attributes |
MESSAGE_TEXT | VARCHAR2 | Specifies the message text |
EXECUTION_STEPS | VARCHAR2 | Specifies the execution steps |
AUTHENTICATION_ACTION | VARCHAR2 | Specifies the authentication action |
AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication service |
SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
EVENT | VARCHAR2 | Specifies the event like Accounting |
DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
DEVICE_GROUPS | VARCHAR2 | To which network device group the AAA client belongs to |
DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
TACACS_AUTHENTICATION_LAST_TWO_DAYS
This is performance oriented view which contains all the TACACS authentication records for the last two days
Type: View
Column name | Data Type | Column Description |
---|---|---|
EPOCH_TIME | NUMBER | Specifies the unix epoch time |
ID | NUMBER | Database record primary key for the table |
GENERATED_TIME | TIMESTAMP(6) WITH TIME ZONE | Shows the syslog generation time based on when a particular event was triggered |
LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
MESSAGE_CODE | NUMBER | Syslog message code |
USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
AUTHENTICATION_POLICY | VARCHAR2 | Specifies the authentication policy |
AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the authentication privilege level |
AUTHENTICATION_ACTION | VARCHAR2 | Specifies the authentication action |
AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication service |
SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
EVENT | VARCHAR2 | Specifies the event like Accounting |
DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
DEVICE_GROUPS | VARCHAR2 | To which network device group the AAA client belongs to |
DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
SELECTED_AUTHORIZATION_PROFILE | VARCHAR2 | Authorization profile used after authentication |
DESTINATION_IP_ADDRESS | VARCHAR2 | Specifies the destination IP address |
STATUS | VARCHAR2 | Shows if the authentication succeeded or failed |
DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
IDENTITY_STORE | VARCHAR2 | Identity store to which users belongs to |
DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
TACACS_AUTHENTICATION_SUMMARY
Display aggregate view of TACACS authentications
Type: View
Column name | Data Type | Column Description |
---|---|---|
USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
IDENTITY_STORE | VARCHAR2 | Identity store to which users belongs to |
DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
DEVICE_GROUP | VARCHAR2 | To which network device group the AAA client belongs to |
DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
AUTHORIZATION_PROFILES | VARCHAR2 | Specifies the authorization profiles |
FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
PASSED_COUNT | NUMBER | Number of successful authentication |
FAILED_COUNT | NUMBER | Number of failed authentication |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
TACACS_AUTHORIZATION
This provides details of all the TACACS authorization records
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | NUMBER | Database unique ID |
GENERATED_TIME | VARCHAR2 | Shows the syslog generation time based on when a particular event was triggered |
LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
ATTRIBUTES | BLOB | Specifies the attributes |
EXECUTION_STEPS | VARCHAR2 | Specifies the execution steps |
STATUS | VARCHAR2 | Shows if the status is pass or failed |
EVENT | VARCHAR2 | Specifies the event like Accounting |
MESSAGE_TEXT | VARCHAR2 | Specifies the operational message text |
DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
DEVICE_GROUP | VARCHAR2 | To which network device group the AAA client belongs to |
DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
EPOCH_TIME | NUMBER | Specifies the unix epoch time |
FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
AUTHORIZATION_POLICY | VARCHAR2 | Specifies the authorization policy |
AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the Authentication Privilege Level |
AUTHORIZATION_REQUEST_ATTR | VARCHAR2 | Specifies the request attribute |
AUTHORIZATION_RESPONSE_ATTR | CLOB | Specifies the response attribute |
SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
SHELL_PROFILE | VARCHAR2 | Specifies the TACACS Profiles |
AUTHENTICATION_METHOD | VARCHAR2 | Specifies the authentication method |
AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication type |
DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
MATCHED_COMMAND_SET | VARCHAR2 | Matched TACACS command sets |
COMMAND_FROM_DEVICE | VARCHAR2 | Specifies the command in the matched command set |
TACACS_AUTHORIZATION_LAST_TWO_DAYS
This is performance oriented view which contains all the TACACS authorization records for the last two days.
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | NUMBER | Database unique ID |
GENERATED_TIME | VARCHAR2 | Shows the syslog generation time based on when a particular event was triggered |
LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
ATTRIBUTES | BLOB | Specifies the attributes |
EXECUTION_STEPS | VARCHAR2 | Specifies the execution steps |
STATUS | VARCHAR2 | Shows if the status is pass or failed |
EVENT | VARCHAR2 | Specifies the event like Accounting |
MESSAGE_TEXT | VARCHAR2 | Specifies the operational message text |
DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
DEVICE_NAME | VARCHAR2 | Name of the network device (The AAA client) |
DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
DEVICE_GROUP | VARCHAR2 | To which network device group the AAA client belongs to |
DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
EPOCH_TIME | NUMBER | Specifies the unix epoch time |
FAILURE_REASON | VARCHAR2 | Specifies the reason for failure |
USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
AUTHORIZATION_POLICY | VARCHAR2 | Specifies the authorization policy |
AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the Authentication Privilege Level |
AUTHORIZATION_REQUEST_ATTR | VARCHAR2 | Specifies the request attribute |
AUTHORIZATION_RESPONSE_ATTR | CLOB | Specifies the response attribute |
SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
SHELL_PROFILE | VARCHAR2 | Specifies the TACACS Profiles |
AUTHENTICATION_METHOD | VARCHAR2 | Specifies the authentication method |
AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication type |
DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
MATCHED_COMMAND_SET | VARCHAR2 | Matched TACACS command sets |
COMMAND_FROM_DEVICE | VARCHAR2 | Specifies the command in the matched command set |
TACACS_COMMAND_ACCOUNTING
Displays details of TACACS command accounting
Type: View
Column name | Data Type | Column Description |
---|---|---|
LOCATION | VARCHAR2 | Shows the device group device location of the AAA client |
EPOCH_TIME | NUMBER | Specifies the unix epoch time |
ID | NUMBER | Unique database ID |
USERNAME | VARCHAR2 | Shows the user name of the device administrator. |
GENERATED_TIME | VARCHAR2 | Shows the syslog generation time based on when a particular event was triggered |
LOGGED_TIME | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
ISE_NODE | VARCHAR2 | Shows the name of the ISE node through which the access request is processed. |
AUTHENTICATION_PRIVILEGE_LEVEL | VARCHAR2 | Specifies the Authentication Privilege Level |
ATTRIBUTES | BLOB | Specifies the attributes |
EXECUTION_STEPS | VARCHAR2 | Specifies the execution steps |
STATUS | VARCHAR2 | Shows if the status pass or failed |
EVENT | VARCHAR2 | Specifies the event like Accounting |
MESSAGE_TEXT | VARCHAR2 | Specifies the message text |
FAILURE_REASON | VARCHAR2 | Specifies the failure reason |
IDENTITY_GROUP | VARCHAR2 | Identity group to which users belongs to |
SESSION_KEY | VARCHAR2 | Shows the session keys (found in the EAP success or EAP failure messages) returned by ISE to the network device. |
DEVICE_NAME | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
DEVICE_IP | VARCHAR2 | IP of the network device (The AAA client) |
DEVICE_GROUPS | VARCHAR2 | To which network device group the AAA client belongs to |
DEVICE_PORT | VARCHAR2 | Shows the network device port number through which the access request is made. |
DEVICE_IPV6 | VARCHAR2 | IPV6 address of the network device (The AAA Client) |
REMOTE_ADDRESS | VARCHAR2 | Shows the IP address, MAC address, or any other string that uniquely identifies the end station |
AUTHENTICATION_METHOD | VARCHAR2 | Specifies the authentication method |
AUTHENTICATION_TYPE | VARCHAR2 | Specifies the authentication type |
AUTHENTICATION_SERVICE | VARCHAR2 | Specifies the authentication service |
COMMAND | VARCHAR2 | Specifies the command |
COMMAND_ARGS | VARCHAR2 | Specifies the command arguments |
DEVICE_TYPE | VARCHAR2 | Shows the device group device type of the AAA client |
UPSPOLICY
Internal view. Not to be used.
UPSPOLICYSET
Internal view. Not to be used.
UPSPOLICYSET_POLICIES
Internal view. Not to be used.
THREAT_EVENTS
Log of threat events received from various sources
Type: View
Column name | Data Type | Column Description |
---|---|---|
LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
MAC_ADDRESS | VARCHAR2 | Specifies the MAC address |
IP_ADDRESS | VARCHAR2 | Specifies the IP address |
ID | VARCHAR2 | Unique database identifier |
SEVERITY | VARCHAR2 | Specifies the severity |
TITLE | VARCHAR2 | Specifies the title |
EVENT_TIME | VARCHAR2 | Specifies the event time |
VENDOR_NAME | VARCHAR2 | Specifies the vendor name |
SOURCE | VARCHAR2 | Specifies the source |
INCIDENT_TYPE | VARCHAR2 | Specifies the incident type |
DETAILS | VARCHAR2 | Gives further details |
USER_IDENTITY_GROUPS
This will provide details of all the user identity groups
Type: View
Column name | Data Type | Column Description |
---|---|---|
ID | VARCHAR2 | Primary key for user identity groups |
NAME | VARCHAR2 | Name of the group |
DESCRIPTION | VARCHAR2 | Description of the group |
CREATED_BY | VARCHAR2 | The group was created by whom |
CREATE_TIME | TIMESTAMP(6) WITH TIME ZONE | When the record was created |
UPDATE_TIME | TIMESTAMP(6) WITH TIME ZONE | When the record was updated |
STATUS | VARCHAR2 | Shows if the group is active |
USER_PASSWORD_CHANGES
Displays verification about employees password changes
Type: View
Column name | Data Type | Column Description |
---|---|---|
TIMESTAMP_TIMEZONE | TIMESTAMP(6) WITH TIME ZONE | Time with timezone when record added |
TIMESTAMP | TIMESTAMP(6) | Time when record added |
ISE_NODE | VARCHAR2 | Displays the hostname of the ISE server |
MESSAGE_CODE | VARCHAR2 | Displays the message code |
ADMIN_NAME | VARCHAR2 | Admin name |
ADMIN_IP_ADDRESS | VARCHAR2 | Admin IP address |
ADMIN_IPV6_ADDRESS | VARCHAR2 | Admin IPV6 address |
ADMIN_INTERFACE | VARCHAR2 | Admin interface used |
MESSAGE_CLASS | VARCHAR2 | Message class |
MESSAGE_TEXT | VARCHAR2 | Displays the message text |
OPERATOR_NAME | VARCHAR2 | Operator name |
USER_ADMIN_FLAG | VARCHAR2 | User admin flag |
ACCOUNT_NAME | VARCHAR2 | Account name |
DEVICE_IP | VARCHAR2 | Device IP |
IDENTITY_STORE_NAME | VARCHAR2 | Identity store name |
CHANGE_PASSWORD_METHOD | VARCHAR2 | Method of password change |
AUDIT_PASSWORD_TYPE | VARCHAR2 | Password type |
VULNERABILITY_ASSESSMENT_FAILURES
This report contains details of endpoints for which Vulnerability Assessment failed
Type: View
Column name | Data Type | Column Description |
---|---|---|
LOGGED_AT | TIMESTAMP(6) | Shows the time when the syslog was processed and stored by the Monitoring node |
ID | VARCHAR2 | Unique database ID |
ADAPTER_INSTANCE_NAME | VARCHAR2 | Specifies the adapter instance name |
ADAPTER_INSTANCE_ID | VARCHAR2 | Specifies the adapter instance ID |
VENDOR_NAME | VARCHAR2 | Specifies the vendor name |
ISE_NODE | VARCHAR2 | Specifies the ACS instance |
MAC_ADDRESS | VARCHAR2 | Specifies the MAC address |
IP_ADDRESS | VARCHAR2 | Specifies the IP address |
OPERATION_MESSSAGE_TEXT | VARCHAR2 | Specifies the operation message text |
MESSAGE_TYPE | VARCHAR2 | Specifies the message type |