Go to Monitor > Authentications to display the Authentications page. Authentications data categories are described in the following table.
Table A-1 Authentications
Option
Description
Time
Shows the time that the log was received by the monitoring and troubleshooting collection agent. This column is required and cannot be deselected.
Status
Shows if the authentication was successful or a failure. This column is required and cannot be deselected. Green is used to represent passed authentications. Red is used to represent failed authentications.
Details
Brings up a report when you click the magnifying glass icon, allowing you to drill down and view more-detailed information on the selected authentication scenario. This column is required and cannot be deselected.
Username
Shows the username that is associated with the authentication.
Calling Station ID
Shows the unique identifier for an endpoint, usually a MAC or IP address.
IP Address
Shows the IP address of the endpoint device.
NAD
IP address of the network access device.
Optionally, you can choose to show the following categories:
Table A-2 Optional Authentications Categories
Option
Description
Server
Indicates the policy service ISE node from which the log was generated.
NAS Port ID
Network access server (NAS) port at which the endpoint is connected.
Failure Reason
Shows a detailed reason for failure, if the authentication failed.
SGA Security Group
Shows a security profile for the authentication.
Authorization Profiles
Shows an authorization profile that was used for authentication.
Auth Method
Shows the authentication method that is used by the RADIUS protocol, such as Microsoft Challenge Handshake Authentication Protocol version 2 (MSCHAPv2), IEE 802.1x or dot1x, and the like.
Authentication Protocol
Shows the authentication protocol used, such as Protected Extensible Authentication Protocol (PEAP), Extensible Authentication Protocol (EAP), and the like.
SGA Security Group
Shows the trust group that is identified by the authentication log.
Identity Group
Shows the identity group that is assigned to the user or endpoint, for which the log was generated.
Posture Status
Shows the status of posture validation and details on the authentication.
The Monitor > Alarms > Inbox options are as follows:
Table A-3 Inbox
Option
Description
Severity
Display only. Indicates the severity of the associated alarm. Options are:
•Critical
•Warning
•Info
Name
Indicates the name of the alarm. Click to display the Alarms: Properties page and edit the alarm.
Time
Display only. Indicates the time of the associated alarm generation in the format Ddd Mmm dd hh:mm:ss timezone yyyy, where:
•Ddd = Sun, Mon, Tue, Wed, Thu, Fri, Sat.
•Mmm = Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, Dec.
•dd = Day of the month, from 01 to 31.
•hh = Hour of the day, from 00 to 23.
•mm = Minute of the hour, from 00 to 59.
•ss = Second of the minute, from 00 to 59.
•timezone = The time zone.
•yyyy = A four-digit year.
Cause
Display only. Indicates the cause of the alarm.
Assigned To
Display only. Indicates who is assigned to investigate the alarm.
Status
Display only. Indicates the status of the alarm. Options are:
•New—The alarm is new.
•Acknowledged—The alarm is known.
•Closed—The alarm is closed.
Edit
Check the check box next to the alarm that you want to edit, and click Edit to edit the status of the alarm and view the corresponding report.
Close
Check the check box next to the alarm that you want to close, and click Close to close the alarm. You can enter closing notes before you close an alarm.
Note Closing an alarm only removes the alarm. It does not delete the alarm.
Delete
Check the check box next to the alarm that you want to delete, and click Delete to delete the alarm.
Edit > Alarm
Click Edit on the Inbox to bring up this page that provides information on the event that triggered the alarm. You cannot edit any of the fields in the Alarm tab. The options are shown in the following table.
Table A-4 Edit Alarm
Option
Description
Occurred At
Date and time when the alarm was triggered.
Cause
The event that triggered the alarm.
Detail
Additional details about the event that triggered the alarm. ISE usually lists the counts of items that exceeded the specified threshold.
Report Links
Wherever applicable, one or more hyperlinks are provided to the relevant reports that allow you to further investigate the event.
Threshold
Information on the threshold configuration.
Edit > Status
Click Edit on the Inbox to bring up this page that allows you to edit the status of the alarm and add a description to track the event. The options are shown in the following table.
Table A-5 Edit Status
Option
Description
Status
Status of the alarm. When an alarm is generated, its status is New. After you view the alarm, change the status of the alarm to Acknowledged or Closed to indicate the current status of the alarm.
Assigned To
(Optional) Specify the name of the user to whom this alarm is assigned.
Notes
(Optional) Enter any additional information about the alarm that you want to record.
Rules
Click Monitor > Alarms > Rules to specify parameters for the following alarm rules:
Modify the fields described in the following table, to create a threshold with the passed authentication criteria.
Table A-6 Passed Authentications
Option
Description
Passed Authentications
Greater than <count> <occurrences | %> in the past <time> <Minutes | Hours> for a <object>, where:
•<count> values can be the absolute number of occurrences or percent. Valid values are:
–count must be in the range 0 to 99 for greater than.
–count must be in the range 1 to 100 for lesser than.
•<occurrences | %> value can be occurrences or %.
•<time> values can be 1 to 1440 minutes, or 1 to 24 hours.
•<Minutes|Hours> value can be Minutes or Hours.
•<object> values can be any of the following:
–ISE Instance
–User
–Identity Group
–Device IP
–Identity Store
–Allowed Protocol
–NAD Port
–AuthZ Profile
–AuthN Method
–EAP AuthN
–EAP Tunnel
Note In a distributed deployment, if there are two instances, the count is calculated as an absolute number or as a percentage for each of the instances. An alarm is triggered only when the individual count of any instance exceeds the threshold.
Filter
ISE Instance
Choose a valid ISE instance for the threshold.
User
Choose or enter a valid username for the threshold.
Identity Group
Choose a valid identity group name for the threshold.
Device Name
Choose a valid device name for the threshold.
Device IP
Choose or enter a valid device IP address for the threshold.
Device Group
Choose a valid device group name for the threshold.
Identity Store
Choose a valid identity store name for the threshold.
Allowed Protocol
Choose a valid allowed protocol name for the threshold.
MAC Address
Choose or enter a valid MAC address for the threshold. This filter is available only for RADIUS authentications.
NAD Port
Choose a port for the network device for the threshold. This filter is available only for RADIUS authentications.
AuthZ Profile
Choose an authorization profile for the threshold. This filter is available only for RADIUS authentications.
AuthN Method
Choose an authentication method for the threshold. This filter is available only for RADIUS authentications.
EAP AuthN
Choose an EAP authentication value for the threshold. This filter is available only for RADIUS authentications.
EAP Tunnel
Choose an EAP tunnel value for the threshold. This filter is available only for RADIUS authentications.
Protocol
Configure the protocol that you want to use for your threshold.
Failed Authentications
Modify the fields described in the following table, to create a threshold with the passed authentication criteria.
Table A-7 Failed Authentications
Option
Description
Failed Authentications
Greater than <count> <occurrences | %> in the past <time> <Minutes|Hours> for a <object>, where:
•<count> values can be the absolute number of occurrences or percent. Valid values must be in the range 0 to 99.
•<occurrences | %> value can be occurrences or %.
•<time> values can be 1 to 1440 minutes, or 1 to 24 hours.
•<Minutes|Hours> value can be Minutes or Hours.
•<object> values can be any of the following:
–ISE Instance
–User
–Identity Group
–Device IP
–Identity Store
–Allowed Protocol
–NAD Port
–AuthZ Profile
–AuthN Method
–EAP AuthN
–EAP Tunnel
Note In a distributed deployment, if there are two instances, the count is calculated as an absolute number or as a percentage for each of the instances. An alarm is triggered only when the individual count of any instance exceeds the specified threshold.
Filter
Failure Reason
Enter a valid failure reason name for the threshold.
ISE Instance
Choose a valid ISE instance for the threshold.
User
Choose or enter a valid username for the threshold.
Identity Group
Choose a valid identity group name for the threshold.
Device Name
Choose a valid device name for the threshold.
Device IP
Choose or enter a valid device IP address for the threshold.
Device Group
Choose a valid device group name for the threshold.
Identity Store
Choose a valid identity store name for the threshold.
Allowed Protocol
Choose a valid allowed protocol name for the threshold.
MAC Address
This filter is available only for RADIUS authentications.
NAD Port
This filter is available only for RADIUS authentications.
AuthZ Profile
This filter is available only for RADIUS authentications.
AuthN Method
This filter is available only for RADIUS authentications.
EAP AuthN
This filter is available only for RADIUS authentications.
EAP Tunnel
This filter is available only for RADIUS authentications.
Protocol
Configure the protocol that you want to use for your threshold.
Authentication Inactivity
Define threshold criteria based on authentications that are inactive, modifying the following fields necessary.
Table A-8 Authentication Inactivity
Option
Description
ISE Instance
Choose a valid instance for the threshold.
Device
Choose a valid device for the threshold.
Protocol
Choose the protocol for threshold.
Inactive for
Select one of the following options:
•Hours—Number of hours, from 1 to 744.
•Days—Number of days, from 1 to 31.
ISE Configuration Changes
Define threshold criteria based on system diagnostics in the ISE instance.
Table A-9 ISE Configuration Changes
Option
Description
Administrator
Choose a valid administrator username for the threshold.
Object Name
Enter the name of the object for the threshold.
Object Type
Choose a valid object type for the threshold.
Change
Select a administrative change for the threshold:
•Any
•Create—Includes "duplicate" and "edit" administrative actions.
•Update
•Delete
Filter
ISE Instance
Choose a valid ISE instance for the threshold.
ISE System Diagnostics
Define threshold criteria based on system diagnostics in the ISE instance.
Table A-10 ISE System Diagnostics
Option
Description
Severity at and above
Choose the severity level for the threshold. This setting captures the indicated severity level and those that are higher within the threshold:
•Fatal
•Error
•Warning
•Info
•Debug
Message Text
Enter the message text for the threshold. Maximum character limit is 1024.
Filter
ISE Instance
Choose a valid ISE instance for the threshold.
ISE Process Status
Define rule criteria based on ISE process status.
Table A-11 ISE Process Status
Option
Description
Monitor Processes
ISE Database
Adds the ISE database to the configuration.
ISE Database Listener
Adds the ISE management to the configuration.
ISE Application server
Adds the ISE runtime to the configuration.
ISE M&T Session
Monitors this process. If this process goes down, an alarm is generated.
ISE M&T Log Collector
Monitors this process. If this process goes down, an alarm is generated.
ISE M&T Alert Process
Monitors this process. If this process goes down, an alarm is generated.
ISE M&T Log Processor
Monitors this process. If this process goes down, an alarm is generated.
Filter
ISE Instance
Choose a valid ISE instance for the threshold.
ISE System Health
Define threshold criteria for ISE system health.
Table A-12 ISE System Health
Option
Description
Average over the past
Select the amount of time, where <min> minutes values are: 15, 30, 45, 60
CPU
Enter the percentage of CPU usage. The valid range is from 1 to 100.
Memory
Enter the percentage of memory usage (greater than or equal to the specified value). The valid range is from 1 to 100.
Disk I/O
Enter the percentage of disk usage (greater than or equal to the specified value). The valid range is from 1 to 100.
Disk Space Used/opt
Enter the percentage of /opt disk space (greater than or equal to the specified value). The valid range is from 1 to 100.
Disk Space Used/local disk
Enter the percentage of local disk space (greater than or equal to the specified value). The valid range is from 1 to 100.
Disk Space Used/
Enter the percentage of the / disk space (greater than or equal to the specified value). The valid range is from 1 to 100.
Disk Space Used/tmp
Enter the percentage of temporary disk space (greater than or equal to the specified value). The valid range is from 1 to 100.
Filter
ISE Instance
Choose a valid ISE instance.
ISE AAA Health
Define threshold criteria for ISE AAA Health.
Table A-13 ISE AAA Health
Option
Description
Average over the past
Select the amount of time, where <min> minutes values are: 15, 30, 45, 60
RADIUS Throughput
Enter the number of RADIUS transactions per second (lesser than or equal to the specified value). The valid range is from 1 to 999999.
RADIUS Latency
Enter the number in milliseconds for RADIUS latency (greater than or equal to the specified value). The valid range is from 1 to 999999.
Filter
ISE Instance
Choose a valid ISE instance for the threshold.
Authenticated But No Accounting Start
Define the threshold rule criteria for a specified number of authenticated sessions for a device IP
Table A-14 Authentication But No Accounting Start
Option
Description
More than <num> authenticated sessions in the past 15 minutes, where accounting start event has not been received for a Device IP
<num>—A count of authenticated sessions in the past 15 minutes.
Filter
ISE Instance
Choose a valid ISE instance.
Device IP
Choose or enter a valid device IP address.
Unknown NAD
Define threshold criteria based on authentications that have failed because of an unknown NAD.
Table A-15 Unknown NAD
Option
Description
Unknown NAD count
Greater than <num> in the past <time> <Minutes|Hours> for a <object>, where:
•<num> values can be any five-digit number greater than or equal to zero (0).
•<time> values can be 1 to 1440 minutes, or 1 to 24 hours.
•<Minutes|Hours> value can be Minutes or Hours.
•<object> values can be:
–ISE Instance
–Device IP
Filter
ISE Instance
Choose a valid ISE instance.
Device IP
Choose or enter a valid device IP address .
Protocol
Select a protocol for the threshold. Valid options are: RADIUS
External DB Unavailable
Define threshold criteria based on an external database that ISE is unable to connect to.
Table A-16 External DB Unavailable
Option
Description
External DB Unavailable
<percent|count> greater than <num> in the past <time> <Minutes|Hours> for a <object>, where:
•<Percent|Count> value can be Percent or Count.
•<num> values can be any one of the following:
–0 to 99 for percent
–0 to 99999 for count
•<time> values can be 1 to 1440 minutes, or 1 to 24 hours.
•<Minutes|Hours> value can be Minutes or Hours.
•<object> values can be:
–ISE Instance
–Identity Store
Filter
ISE Instance
Choose a valid ISE instance.
Identity Group
Choose a valid identity group name.
Identity Store
Choose a valid identity store name.
Allowed Protocol
Choose a valid allowed protocol name.
Protocol
Select a protocol. Valid options are: RADIUS
RBACL Drops
Define the RBACL Drops threshold.
Table A-17 RBACL Drops
Option
Description
RBACL drops
Greater than <num> in the past <time> <Minutes|Hours> by a <object>, where:
•<num> values can be any five-digit number greater than or equal to zero (0).
•<time> values can be 1 to 1440 minutes, or 1 to 24 hours.
•<Minutes|Hours> value can be Minutes or Hours.
•<object> values can be:
–NAD
–SGT
–DGT
–DST_IP
Filter
Device IP
Choose or enter a valid device IP address.
SGT
Choose or enter a valid source group tag.
DGT
Choose or enter a valid destination group tag.
Destination IP
Choose or enter a valid destination IP address.
NAD-Reported AAA Downtime
Define threshold criteria based on the AAA downtime that a network access device reports.
Table A-18 NAD-Reported AAA Downtime
Option
Description
AAA down
Greater than <num> in the past <time> <Minutes|Hours> by a <object>, where:
•<num> values can be any five-digit number greater than or equal to zero (0).
•<time> values can be 1 to 1440 minutes, or 1to 24 hours.
•<Minutes|Hours> value can be Minutes or Hours.
•<object> values can be:
–Device IP
–Device Group
Filter
ISE Instance
Choose a valid ISE instance.
Device IP
Choose or enter a valid device IP address.
Device Group
Choose a valid device group name.
Schedules
Click Monitor > Alarms > Schedules to establish schedules for alarm rules.
Table A-19 Schedules
Option
Description
Filter
Enter a text string on which to filter for a schedule.
Go
Click to filter on the text string.
Clear Filter
Click to clear the filter field.
Name
The name of the schedule. Click the name link to view and/or edit schedule details.
Description
Description of the schedule.
Create
Click to create a new schedule. Specify the following:
•Name
•Description
•Schedule—Click a square to select/deselect that hour.
•Select All—Click to select all hours.
•Clear All—Click to clear all selected hours.
•Undo All—Click to clear all fields on this page.
•Submit—Click to create the schedule.
•Cancel—Click to cancel to exit without saving the schedule.
Edit
Select a schedule and click Edit to make changes to the schedule. Edit options are the same as the Create options.
Delete
Select a schedule and click Delete to delete the schedule. Confirm you choice by clicking Yes in the Confirm Deletion dialog, or No to exit without deleting the schedule.
Reports
This section covers the following user interface elements:
Provides RADIUS authentication summary information for a selected time period; along with a graphical representation.
Passed authentications, failed attempts
RADIUS Accounting
Provides user accounting information based on RADIUS for a selected time period.
RADIUS accounting
RADIUS Authentication
Provides RADIUS authentication details for a selected time period.
Passed authentications, failed attempts
Allowed Protocol
Allowed Protocol Authentication Summary
Provides RADIUS authentication summary information for a particular allowed protocol for a selected time period; along with a graphical representation.
Passed authentications, failed attempts
Top N Authentications By Allowed Protocol
Provides the top N passed, failed, and total authentication count for RADIUS authentications with respect to the allowed protocol for a selected time period.
Passed authentications, failed attempts
Policy Service Instance
ISE Administrator Logins
Provides access-related events for administrators that includes login, logout, events, and reasons for failed login attempts.
Administrative and operational audit
ISE Instance Authentication Summary
Provides RADIUS authentication summary information for a particular ISE instance for a selected time period; along with a graphical representation.
This report could take several minutes to run depending on the number of records in the database.
Note When you reload this report, if rate of incoming syslog messages is around 150 messages per second or more, the total number of passed and failed authentications that appear above the graph and the passed and failed authentication count that is displayed in the table do not match.
Passed authentications, failed attempts
ISE Configuration Audit
Provides all the configuration changes done in ISE by the administrator for a selected time period.
Administrative and operational audit
ISE Health Summary
Provides the CPU, memory utilization, RADIUS and throughput (in tabular and graphical formats) and also process status, process downtime, and disk space utilization for a particular ISE instance in a selected time period.
System statistics
ISE Operations Audit
Provides all the operational changes done in ISE by the administrator for a selected time period.
Administrative and operational audit
ISE System Diagnostics
Provides system diagnostic details based on severity for a selected time period.
Internal Operations Diagnostics, distributed management, administrator authentication and authorization
Top N Authentication by ISE Instance
Provides the top N passed, failed, and total authentication count for RADIUS protocol with respect to a particular ISE instance for a selected time period.
Passed authentications, failed attempts
User Change Password Audit
Provides the username of the internal user, identity store name, name of the ISE instance, and time when the user password was changed. Helps to keep track of all changes made to internal user passwords across all ISE interfaces.
Administrative and operational audit
Endpoint
Endpoint MAC Authentication Summary
Provides the RADIUS authentication summary information for a particular MAC or MAB for a selected time period; along with a graphical representation.
Passed authentications, failed attempts
Endpoint Profiler Summary
Provides the endpoint profiler summary information for a particular MAC address for a selected time period.
Profiler
Top N Authentications By Endpoint Calling Station ID
Provides the top N passed, failed, and total authentication count with respect to endpoint calling station IDs.
Passed authentications, failed attempts
Top N Authentications By Endpoint MAC Address
Provides the top N passed, failed, and total authentication count for RADIUS protocol with respect to MAC or MAB address for a selected time period.
Passed authentications, failed attempts
Top N Authentications By Machine
Provides the top N passed, failed, and total authentication count for RADIUS protocol with respect to machine information for a selected time period.
Passed authentications, failed attempts
Failure Reason
Authentication Failure Code Lookup
Provides the description and the appropriate resolution steps for a particular failure reason.
—
Failure Reason Authentication Summary
Provides the RADIUS authentication summary information for a particular failure reason; along with a graphical representation for a selected time period.
Failed attempts
Top N Authentications By Failure Reason
Provides the top N failed authentication count for RADIUS protocols with respect to Failure Reason for a selected time period.
Failed attempts
Network Device
AAA Down Summary
Provides the number of AAA unreachable events that a NAD logs within a selected time period.
—
Network Device Authentication Summary
Provides the RADIUS authentication summary information for a particular network device for a selected time period, along with the graphical representation.
Passed authentications, failed attempts
Network Device Log Messages
Provides you the log information of a particular network device, for a specified time period.
—
Session Status Summary
Provides the port sessions and status of a particular network device obtained by SNMP.
—
Top N AAA Down By Network Device
Provides the number of AAA down events encountered by each of the network devices.
—
Top N Authentications by Network Device
Provides the top N passed, failed, and total authentication count for RADIUS with respect to network device for a selected time period.
Passed authentications, failed attempts
User
Client Provisioning
Provides a summary of successful and unsuccessful client provisioning evaluation and download events, displayed according to the associated User ID.
Client provisioning
Guest Provisioning
Provides session (login and log out) information for selected guests over a specified time period.
Passed authentications, RADIUS accounting
Guest Activity
Provides guest information for a selected time period.
Passed authentications
Guest Sponsor Summary
Provides sponsor information along with a graphical representation, for a selected time period.
Passed authentications
Top N Authentications By User
Provides top N passed, failed, and total authentication count for RADIUS with respect to users for a selected time period.
Passed authentications, failed attempts
Unique Users
Provides the count for the number of unique users.
User
User Authentication Summary
Provides RADIUS authentication summary information for a particular user for a selected time period; along with the graphical representation.
Passed authentications, failed attempts
Security Group Access
RBACL Drop Summary
Provides a summary of RBAC drop events.
—
SGT Assignment Summary
Provides a summary of SGT assignments for a selected time period.
Passed authentications
Top N RBACL Drops By Destination
Provides the top N RBACL drop event count with respect to destination for a selected time period.
—
Top N RBACL Drops By User
Provides the top N RBACL drop event count with respect to the user for a selected time period.
—
Top N SGT Assignments
Provides the top N SGT assignment count for a selected time period.
Passed authentications
Session Directory
RADIUS Active Sessions
Provides information on RADIUS authenticated, authorized, and started sessions.
Dynamically control active RADIUS sessions. Send a reauthenticate or disconnect request to a NAD to:
•Reauthenticate the user
•Terminate the session
•Terminate the session and restart the port
•Terminate the session and shut down the port
Passed authentications, RADIUS accounting
RADIUS Session History
Provides a summary of RADIUS session history, such as total authenticated, active, and terminated sessions and total and average session duration and throughput for a selected time period.
Passed authentications, RADIUS accounting
RADIUS Terminated Sessions
Provides all the RADIUS terminated session information for a selected time period.
Passed authentications, RADIUS accounting
Posture
Posture Detail Assessment
Provides the posture authentication summary information for a particular user for a selected time period.
Posture and Client Provisioning Audit, Posture and Client Provisioning Diagnostics
Posture Trend
Provides the count of passed or failed, as well as status information for a particular policy for a selected time period; along with the graphical representation.
Posture and Client Provisioning Audit, Posture and Client Provisioning Diagnostics
Report Type Page
Select a category name from the Reports navigation pane. The Reports Type page appears.
Table A-21 Report Type Page
Option
Description
Report Name
A list of available report names for the category you selected.
Type
The type of report.
Modified At
The time the report was last modified by an administrator, in the format Ddd Mmm dd hh:mm:ss timezone yyyy, where:
•dd = A two-digit numeric representation of the day of the month, from 01 to 31.
•hh = A two-digit numeric representation of the hour of the day, from 00 to 23.
•mm = A two-digit numeric representation of the minute of the hour, from 00 to 59.
•ss = A two-digit numeric representation of the second of the minute, from 00 to 59.
•timezone = The time zone.
•yyyy = A four-digit representation of the year.
Filter
Enter a text string to search for on in the field and click Filter.
Report Name Page
Not all options listed in the following table are used in all reports.
Table A-22 Report Name Page
Option
Description
User
Enter a username or click Select to enter a valid username on which to configure your threshold.
MAC Address
Enter a MAC address or click Select to enter a valid MAC address on which to run your report.
Identity Group
Enter an identity group name or click Select to enter a valid identity group name on which to run your report.
Device Name
Enter a device name or click Select to enter a valid device name on which to run your report.
Device IP
Enter a device IP address or click Select to enter a valid device IP address on which to run your report.
Device Group
Enter a device group name or click Select to enter a valid device group name on which to run your report.
Allowed Protocol
Enter an allowed protocol name or click Select to enter a valid allowed protocol name on which to run your report
Identity Store
Enter an identity store name or click Select to enter a valid identity store name on which to run your report.
ISE Instance
Enter an ISE instance name or click Select to enter a valid ISE instance name on which to run your report.
Failure Reason
Enter a failure reason name or click Select to enter a valid failure reason name on which to run your report.
Protocol
Use the drop down list box to select which protocol on which you want to run your report. RADIUS is the only option at this time.
Authentication Status
Use the drop down list box to select which authentication status on which you want to run your report. Valid options are:
•Pass Or Fail
•Pass
•Fail
Radius Audit Session ID
Enter the RADIUS audit session identification name on which you want to run a report.
ISE Session ID
Enter the ISE session identification name on which you want to run a report.
Severity
Use the drop down list box to select the severity level on which you want to run a report. This setting captures the indicated severity level and those that are higher within the threshold. Valid options are:
•Fatal
•Error
•Warning
•Info
•Debug
End Point IP Address
Enter the end point IP address on which you want to run a report.
Command Accounting Only
Check the check box to enable your report to run for command accounting.
Top
Use the drop down list box to select the number of top (most frequent) authentications by allowed protocol on which you want to run your report. Valid options are:
•10
•50
•100
•500
•1000
•All
By
Use the drop down list box to select the type of authentications on which you want to run your report. Valid options are:
•Passed Authentications
•Failed Authentications
•Total Authentications
Administrator Name
Enter the administrator username, or click Select to select the administrator username, for which you want to run your report.
Object Type
Enter a valid object type on which you want to run your report.
Object Name
Enter the name, or click Select to select the object name, of the object on which you want to run your report.
Authorization Status
Use the drop down list box to select which authentication status on which you want to run your report. Valid options are:
•Pass Or Fail
•Pass
•Fail
Time Range
Use the drop down list box to select the time range on which you want to run your report. Valid options are:
•Last Hour (for the ISE Health Summary report only)
•Today
•Yesterday
•Last 7 Days
•Last 30 Days
•Custom—You must configure a Start Date and End Date, or a Day.
Note Some options are not valid for some Time Range entries of the various reports.
Start Date
Enter a date, or click the date selector icon to select a start date for running your report.
End Date
Enter a date, or click the date selector icon to select an end date for running your report.
Day
Enter a date, or click the date selector icon to select an end date for running your report.
Clear
Click to delete the contents of an associate text box.
Run
Click to run the report for which you have made selections.
Favorites
Select Monitor > Reports > Favorites to display a list of favorite reports. Favorites allows you to bookmark frequently used reports by saving them as favorite reports.
The name of the favorites report. Click to open a summary of an associated report.
Report Name
The report name associated with a Catalog (Report) type.
Report Type
The general category name associated with the report.
Data Formatting
Data Types and Formats
Table A-24 Data Types and Formats
Data type
Option
Description
Date and Time
Unformatted
The data retains the default format set by the template or theme.
General Date
June 5, 2006 12:00:00 AM GMT +00:00
Long Date
June 5, 2006
Medium Date
Jun 5, 2006
Short Date
6/5/06
Long Time
12:00:00 AM GMT +00:00
Medium Time
12:00:00 AM
Short Time
12:00
Custom
The format depends on a format code you type. For example, typing yyyy/mm results in 2006/10. You learn more about custom formatting later in this chapter.
Number
Unformatted
The number retains the default format set by the template or theme.
General Number
6066.88 or 6067, depending on the decimal and thousands separator settings
Currency
$6,067.45 or
Â¥
6067, depending on the locale and optional settings
Fixed
6067 or 6,067 or 6067.45, depending on optional settings
Percent
45% or 45.8%, depending on optional settings
Scientific
2E04 or 2.67E04, where the number after the E represents the exponent of 10, depending on optional settings. For example, 2.67E04 means 2.67 multiplied by 10 raised to the fourth power.
Custom
The format depends on a format code you type. For example, typing #,### results in a format with a comma as a thousands separator and no decimal points. You learn more about custom formats later in this chapter.
String
Unformatted
The string retains the default format set by the template or theme.
Uppercase
The string displays in all uppercase, for example GREAT NEWS.
Lowercase
The string displays in all lowercase, for example great news.
Custom
The format depends on the format code you type. Use custom formatting for postal codes, telephone numbers, and other data that does not match standard formats.
Custom Number Format Patterns
Table A-25 Custom Number Format Patterns
Format pattern
Data in the data set
Result of formatting
0000.00
12.5 124.5 1240.553
0012.50 0124.50 1240.55
#.000
100 100.25 100.2567
100.000 100.250 100.257
$#,###
2000.00 20000.00
$2,000 $20,000
ID #
15
ID 15
Symbols for Defining Custom String Formats
Symbol
Description
@
Character placeholder. Each @ character displays a character in the string. If the string has fewer characters than the number of @ symbols that appear in the format pattern, spaces appear. Placeholders are filled from right to left, unless you specify an exclamation point (!) at the beginning of the format pattern.
&
Same as @, except that if the string has fewer characters, spaces do not appear.
!
Specifies that placeholders are to be filled from left to right.
>
Converts string characters to uppercase.
<
Converts string characters to lowercase.
Results of Custom String Format Patterns
Table A-26 Results of Custom String Format Patterns
Format pattern
Data in the data source
Results of formatting
(@@@) @@@-@@@@
6175551007 5551007
(617) 555-1007 ( ) 555-1007
(&&&) &&&-&&&&
6175551007 5551007
(617) 555-1007 () 555-1007
!(@@@) @@@-@@@@
6175551007 5551007
(617) 555-1007 (555) 100-7
!(&&&) &&&-&&&&
6175551007 5551007
(617) 555-1007 (555) 100-7
!(@@@) @@@-@@@@ + ext 9
5551007
(555) 100-7 + ext 9
!(&&&) &&&-&&&& + ext 9
5551007
(555) 100-7 + ext 9
>&&&-&&&&&-&&
D1234567xy
D12-34567-XY
<&&&-&&&&&-&&
D1234567xy
d12-34567-xy
Results of Custom Date Formats
Table A-27 Results of Custom Date Formats
Format
Result of formatting
MM-dd-yy
04-15-06
E, M/d/yyyy
Fri, 4/15/2006
MMM d
Apr 15
MMMM
April
yyyy
2006
W
3 (the week in the month)
w
14 (the week in the year)
D
105 (the day in the year)
Supported Calculation Functions
Table A-28 Supported Calculation Functions
Function
Description
Example of use
ABS(num)
Displays an absolute value for the data in a column.
ABS([TemperatureCelsius])
ADD_DAY (date, daysToAdd)
Adds a specified number of days to a date value and displays the result as a date value.
ADD_DAY([ClosingDate], 30)
ADD_HOUR (date, hoursToAdd)
Adds a specified number of hours to a time value and displays the result as a time value.
ADD_HOUR([OpenHour], 8)
ADD_MINUTE (date, minutesToAdd)
Adds a specified number of minutes to a time value and displays the result as a time value.
ADD_MINUTE([StartTime], 60)
ADD_MONTH (date, monthsToAdd)
Adds a specified number of months to a date value and displays the result as a date value.
ADD_MONTH([InitialRelease], 2)
ADD_QUARTER (date, quartersToAdd)
Adds a specified number of quarters to a date value.
ADD_QUARTER([ForecastClosing],
2)
ADD_SECOND (date, secondsToAdd)
Adds a specified number of seconds to a time value.
ADD_SECOND([StartTime], 30)
ADD_WEEK (date, weeksToAdd)
Adds a specified number of weeks to a date value and displays the result as a date value.
ADD_WEEK([askByDate], 4)
ADD_YEAR (date, yearsToAdd)
Adds a specified number of years to a date value.
ADD_YEAR([HireDate], 5)
AND
Combines two conditions and returns records that match both conditions. For example, you can request records from customers who spend more than $50,000 a year and also have a credit rank of A.
This function is used to connect clauses in an expression and does not take arguments.
AVERAGE(expr)
Displays an average value for the column.
AVERAGE([CostPerUnit])
AVERAGE (expr, groupLevel)
Displays the average value at the specified group level.
AVERAGE([TotalCost], 2)
BETWEEN(value, upperBound, lowerBound)
For a specified column, displays true if a value is between two specified values and false otherwise. String values and date or time values must be enclose in quotation marks. For dates and times, use the short date and short time formats.
BETWEEN([PostalCode], 11209,
12701)
BETWEEN([ReceiptDate],
"10/01/06", "12/31/06")
CEILING (num, significance)
Rounds a number up, away from 0, to the nearest specified multiple of significance. For data that has been converted from a double or float to an integer, displays the smallest integer that is greater than or equal to the float or double.
CEILING([PortfolioAverage], 1)
COUNT( )
Counts the rows in a table.
COUNT( )
COUNT(groupLevel)
Counts the rows at the specified group level.
COUNT(2)
COUNTDISTINCT(expr)
Counts the rows that contain distinct values in a table.
Counts the rows that contain distinct values at the specified group level.
COUNTDISTINCT([CustomerID], 3)
DAY(date)
Displays the number of a day in the month, from 1 to 31, for a date-and-time value.
DAY([forecastShipping])
DIFF_DAY(date1, date2)
Displays the difference between two date values, in the number of days.
DIFF_DAY([checkoutDate],
[returnDate])
DIFF_HOUR(date1, date2)
Displays the difference between two time values, in the number of hours.
DIFF_HOUR([StartTime],[Finish
Time])
DIFF_MINUTE (date1, date2)
Displays the difference between two time values, in the number of minutes.
DIFF_MINUTE([StartTime],
[FinishTime])
DIFF_MONTH (date1, date2)
Displays the difference between two date values, in the number of months.
DIFF_MONTH([askByDate],
[shipByDate])
DIFF_QUARTER (date1, date2)
Displays the difference between two date values, in the number of quarters.
DIFF_QUARTER([PlanClosing],
[ActualClosing])
DIFF_SECOND (date1, date2)
Displays the difference between two time values, in the number of seconds.
DIFF_SECOND([StartTime],
[FinishTime])
DIFF_WEEK(date1, date2)
Displays the difference between two weeks as a number.
DIFF_WEEK([askByDate],
[shipByDate])
DIFF_YEAR(date1, date2)
Displays the difference between two years as a number.
DIFF_YEAR([HireDate],
[TerminationDate])
false
The Boolean false. This function is used in expressions to indicate that an argument is false.
In the following example, false indicates that the second argument, ascending, is false and therefore the values should be returned in descending order.
RANK([Score], false)
FIND(strToFind, str)
Displays the index of the first occurrence of specified text. The index is zero-based. The search is case sensitive and the search string cannot include wildcards. The value in the strToFind argument must be enclosed in quotation marks.
FIND("HQ", [OfficeName])
FIND(strToFind, str, startPosition)
Similar to FIND(strToFind, str) but supports providing a start position for the search. The index is zero-based.
FIND("HQ", [OfficeName], 3)
FIRST(expr)
Places the first value that appears in a specified column into the calculated column. This function supports viewing a row-by-row comparison against a specific value.
FIRST([customerID])
FIRST(expr, groupLevel)
Displays the first value that appears in the specified column at the specified group level.
FIRST([customerID], 3)
IF(condition, doIfTrue, doIfFalse)
Displays the result of an If...Then...Else statement.
IF([purchaseVolume] >5 , 7 , 0)
where
•[purchaseVolume] is the column name and >5 is the test condition.
•7 is the value to place in the new column if the condition is true.
•0 is the value to place in the new column if the condition is false.
IN(value, check)
Displays true if a data row contains a value specified by the check argument and false otherwise. String values and date or time values must be enclosed in quotation marks. For dates and times, use the short date and short time formats for your locale.
IN([custID], 101)
IN([city], "New Haven")
IN([FinishTime], "16:09")
IN(value, check1, ..., checkN)
Displays true if a data row contains any value specified by the check argument list and false otherwise. String values and date or time values must be enclosed in quotation marks. For dates and times, use the short date and short time formats for your locale.
IN([city], "New Haven",
"Baltimore", "Cooperstown")
Displays true if the value is within the lowest n values for the expression, and false otherwise.
ISBOTTOMN([OrderTotals], 50)
ISBOTTOMN (expr, n, groupLevel)
Displays true if the value is within the lowest n values for the expression at the specified group level, and false otherwise.
ISBOTTOMN([OrderTotals], 50, 2)
ISBOTTOMNPERCENT (expr, percent)
Displays the lowest n percentage.
ISBOTTOMNPERCENT([Sales Total],
5)
ISBOTTOMNPERCENT (expr, percent, groupLevel)
Displays the lowest n percentage for the expression at the specified group level.
ISBOTTOMNPERCENT([Sales Total],
5, 3)
ISNULL(value)
Displays true if a row does not display a value. Displays false if a row displays a value.
ISNULL([DepartmentName])
ISTOPN(expr, n)
Displays true if the value is within the highest n values for the expression, and false otherwise.
ISTOPN([OrderTotals], 10)
ISTOPN(expr, n, groupLevel)
Displays true if the value is within the highest n values for the expression at the specified group level, and false otherwise.
ISTOPN([OrderTotals], 10, 3)
ISTOPNPERCENT(expr, percent)
Displays true if the value is within the highest n percentage, and false otherwise.
ISTOPNPERCENT([SalesTotals], 5)
ISTOPNPERCENT(expr, percent, groupLevel)
Displays true if the value is within the highest n percentage values for the expression at the specified group level, and false otherwise.
ISTOPNPERCENT([SalesTotals],
5, 3)
LAST(expr)
Displays the last value in a specified column.
LAST([FinishTime])
LAST(expr, groupLevel)
Displays the last value for the expression at the specified group level.
LAST([FinishTime], 3)
LEFT(str)
Displays the character at the left of the specified string.
LEFT([city])
LEFT(str, n)
Displays the specified number of characters in a column's string, counting from the left.
LEFT([city], 3)
LEN(str)
Displays the length of a string, including spaces and punctuation marks.
LEN([Description])
LIKE(str)
Displays true if the values match, and false otherwise. Use SQL syntax to specify the string pattern.
The following rules apply:
•Literal pattern characters must match exactly. LIKE is case-sensitive.
•A percent character (%) matches zero or more characters.
•An underscore character (_) matches any single character.
•Escape a literal percent, underscore, or backslash character (\) with a backslash character.
LIKE([customerName], "D%")
LIKE([quantityOrdered], "2_")
LOWER(str)
Displays the string in a specified column in lowercase.
LOWER([cityName])
MAX(expr)
Displays the highest value in the specified column.
MAX([OrderTotal])
MAX(expr, groupLevel)
Displays the highest value for the expression at the specified group level.
MAX([OrderTotal], 2)
MEDIAN(expr)
Displays the median value in a specified column.
MEDIAN([HomePrices])
MEDIAN (expr, groupLevel)
Displays the median value for the expression at the specified group level.
MEDIAN([HomePrices], 2)
MIN(expr)
Displays the lowest value in the specified column.
MIN([OrderTotal])
MIN(expr, groupLevel)
Displays the lowest value for the expression at the specified group level.
MIN([OrderTotal], 1)
MOD(num, div)
Displays the remainder after a number is divided by a divisor. The result has the same sign as the divisor.
MOD([Salary], 12)
MONTH(date)
Displays the name of the month for a specified date-and-time value.
MONTH([ForecastShipDate])
MONTH(date, option)
Displays the month of a specified date-and-time value, in one of three optional formats:
•1 - Displays the month number of 1 through 12.
•2 - Displays the complete month name in the user's locale.
•3 - Displays the abbreviated month name in the user's locale.
MONTH([Semester], 2)
MOVINGAVERAGE (expr, window)
Displays an average value over a specified window, such as an average price or volume over a number of days.
MOVINGAVERAGE([Price],
[Days])
NOTNULL(value)
For a specified column, displays true if a data value is not empty. Displays false if a data value is empty.
NOTNULL([DepartmentID])
NOW( )
Displays the current time stamp.
NOW([PastDueDate])
OR
The logical OR operator.
This function is used to connect clauses in an expression and does not take arguments.
PERCENTILE(expr, pct)
Displays a percentile value, a value on a scale of 100 that indicates the percent of a distribution that is equal to or below the specified value. Valid pct argument ranges are 0 to 1. 0 returns the minimum value of the series. 1 returns the maximum value of the series.
PERCENTILE([Rank], 1)
PERCENTILE (expr, pct, groupLevel)
Displays a percentile value for the expression at the specified group level. Valid pct argument ranges are 0 to 1. 0 returns the minimum value of the series. 1 returns the maximum value of the series.
PERCENTILE([Income], 60, 1)
PERCENTRANK(expr)
Displays the percentage rank of a value.
PERCENTRANK([TestScores])
PERCENTRANK(expr, groupLevel)
Displays the percentage rank of a value at the specified group level.
PERCENTRANK([TestScores], 2)
PERCENTSUM(expr)
Displays a value as a percentage of a total.
PERCENTSUM([OrderTotals])
PERCENTSUM(expr, groupLevel)
Displays a value as a percentage of a total at the specified group level.
PERCENTSUM([OrderTotals], 3)
QUARTER(date)
Displays the quarter number, from 1 through 4, of a specified date-and-time value.
QUARTER([ForecastCloseDate])
QUARTILE(expr, quart)
Displays the quartile value, where the quart argument is an integer between 0 and 4.
QUARTILE([OrderTotal], 3)
QUARTILE (expr, quart, groupLevel)
Displays the quartile value for the expression at the specified group level, where the quart argument is an integer between 0 and 4.
QUARTER([OrderTotal], 2, 3)
RANK(expr)
Displays the rank of a number, string, or date-and-time value, starting at 1. Duplicate values receive identical rank but the duplication does not affect the ranking of subsequent values.
RANK([AverageStartTime])
RANK(expr, ascending, groupLevel)
Displays the rank of a number, string, or date-and-time value in either ascending or descending order, at the specified group level. To display values in ascending order, use true as the second argument. To display values in descending order, use false as the second argument.
RANK([Score], false, 3)
RANK([Score], true, 2)
RIGHT(str)
Displays the character at the right of a string.
RIGHT([name])
RIGHT(str, n)
Displays the specified number of characters in a string, counting from the right.
RIGHT([name], 3)
ROUND(num)
Rounds a number.
ROUND([SalesTarget])
ROUND(num, dec)
Rounds a number to the specified number of digits. The default value for dec is 0.
ROUND([StockValue], 2)
ROUNDDOWN(num)
Rounds a number down.
ROUNDDOWN([StockPrice])
ROUNDDOWN(num, dec)
Rounds a number down, away from 0, to the specified number of digits. The default value for dec is 0.
ROUNDDOWN([StockPrice], 2)
ROUNDUP(num)
Rounds a number up.
ROUNDUP([TotalValue])
ROUNDUP(num, dec)
Rounds a number up, away from 0, to the specified number of digits. The default value for dec is 0.
ROUNDUP([TotalValue], 2)
RUNNINGSUM(expr)
Displays a running total, adding the values in successive data rows.
RUNNINGSUM([StockValue])
SEARCH(pattern, str)
Case-insensitive search function that can use wildcard characters.
An asterisk ( * ) matches any sequence of characters, including spaces.
A question mark ( ? ) matches any single character.
The following search yields New York, New Haven, and so on from the City column:
SEARCH([CustomerData:city],
"new*")
SEARCH (pattern, str, startPosition)
Searches for a specified pattern in a string, starting at a specified position in the string. A case-insensitive search function that can use wildcard characters.
SEARCH([Location], "new", 1)
SQRT(num)
Displays the square root of a value.
SQRT([PrincipalValue])
STDEV(expr)
Displays the standard deviation.
STDEV([PurchaseFrequency])
SUM(expr)
Displays the sum of two specified values.
SUM([Price]+[Tax])
TODAY( )
Displays a time stamp value equal to midnight of the current date.
TODAY([DueDate])
TRIM(str)
Displays a string with all leading and trailing blank characters removed. Also removes all consecutive blank characters. Leading and trailing blanks can be spaces, tabs, and so on.
TRIM([customerName])
TRIMLEFT(str)
Displays a string with all leading blanks removed. Does not remove consecutive blank characters.
TRIMLEFT([PortfolioName])
TRIMRIGHT(str)
Displays a string with all trailing blanks removed. Does not remove consecutive blank characters.
TRIMRIGHT([Comments])
true
The Boolean true. This function is used in expressions to indicate that an argument is true.
In the following example, true indicates that the second argument, ascending, is true and therefore the values should be returned in ascending order.
RANK([Score], true)
UPPER(str)
Displays a string in a specified column in all uppercase.
UPPER([cityName])
UPPER("new haven")
VAR(expr)
Displays a variance for the specified expression.
VAR([EstimatedCost])
WEEK(date)
Displays the number of the week, from 1 through 52, for a date-and-time value.
WEEK([LeadQualifyingDate])
WEEKDAY(date, option)
Displays the day of the week in one of the following format options:
•1 - Returns the day number, from 1 (Sunday) through 7 (Saturday). 1 is the default option.
•2 - Returns the day number, from 1 (Monday) through 7 (Sunday).
•3 - Returns the day number, from 0 (Monday) through 6 (Sunday).
•4 - Returns the weekday name according to the user's locale.
•5 - Returns the abbreviated weekday name according to the user's locale.
WEEKDAY([DateSold], 4)
WEIGHTEDAVERAGE (value, weight)
Displays a weighted average of a specified value.
WEIGHTEDAVERAGE([Score], weight)
YEAR(date)
Displays the four-digit year value for a date-and-time value.
YEAR([ClosingDate])
Supported Operator Formats
Table A-29 Supported Operator Formats
Operator
Description
x + y
Addition of numeric values
x - y
Subtraction of numeric values
x * y
Multiplication of numeric values
x / y
Division of numeric values
x%
Percentage of a numeric value
x & y
Concatenation of string values
x = y
Test for equality of two values
x > y
Tests whether x is greater than y
x < y
Tests whether x is less than y
x >= y
Tests whether x is greater than or equal to y
x <= y
Tests whether x is less than or equal to y
x <> y
Tests whether x is not equal to y
x AND y
Tests for values that meet both condition x and condition y
x OR y
Tests for values that meet either condition x or condition y
NOT x
Tests for values that are not x
Aggregate Function Formats
Table A-30 Aggregate Function Formats
Aggregate functions
Description
Average
Calculates the average value of a set of data values.
Count
Counts the data rows in the column.
Count Value
Counts distinct values in the column.
First
Returns the first value in the column.
Last
Returns the last value in the column.
Max
Returns the highest value in the column.
Median
Returns the median value in the column.
Min
Returns the lowest value in the column.
Mode
Returns the most frequently-occurring value in the column.
Quartile
Returns one of four equal-sized sets of data, based on the rank you select. For example, you can request the first quartile to get the top quarter of the data set or the fourth quartile to get the fourth quarter of the data set.
Standard Deviation
Returns the standard deviation, the square root of the variance.
Sum
Adds the values in the column.
Variance
Returns a value that indicates the spread around a mean or expected value.
Weighted average
Returns the weighted average of a numeric field over a set of data rows. In a weighted average, some numbers carry more importance, or weight, than others.
Filters
Conditions for Filters
Table A-31 Conditions for Filters
Condition
Description
Any Of
Returns any of the values you specify.
Between
Returns values that are between two specified values. When you select Between, a second Value field appears for the second default value.
Bottom N
Returns the lowest n values in the column.
Bottom Percent
Returns the lowest n percent of values in the column.
Equal to
Returns values that are equal to a specified value.
Greater Than
Returns values that are greater than a specified value.
Greater Than or Equal to
Returns values that are greater than or equal to a specified value.
Is False
In a column that evaluates to true or false, returns data rows that contain false values.
Is Not Null
Returns data rows that contain values.
Is Null
Returns data rows that do not contain values.
Is True
In a column that evaluates to true or false, returns data rows that contain true values.
Less Than
Returns values that are less than another value.
Less Than or Equal to
Returns values that are less than or equal to another value.
Like
Returns strings that match all or part of the specified string. % matches zero or more characters. _ matches one character.
Not Between
Returns values that are not between two specified values. When you select Not Between, a second Value field appears for the second default value.
Not Equal to
Returns values that are not equal to another value.
Not Like
Returns strings that do not match all or part of the specified string. % matches zero or more characters. _ matches one character.
Top N
Returns the top n values in the column.
Top Percent
Returns the top n percent of values in the column.
Filter Condition Examples
Table A-32 Filter Condition Examples
Type of filter condition
Description
Examples of instructions to data source
Comparison
Compares the value of one expression to the value of another expression using:
•Equal to
•Not Equal to
•Less Than
•Less Than or Equal to
•Greater Than
•Greater Than or Equal to
quantity = 10
custName = 'Acme Inc.'
custName > 'P'
custState <> 'CA'
orderDate > {d '2005-06-30'}
Range
Tests whether the value of an expression falls or does not fall within a range of values using Between or Not Between. The test includes the endpoints of the range.
price BETWEEN 1000 AND 2000
custName BETWEEN 'E' AND 'K'
orderDate BETWEEN
{d '2005-01-01'} AND {d '2005-06-30'}
Membership
Tests whether the value of an expression matches one value in a set of values using Any Of.
officeCode IN (101,103,104)
itemType IN ('sofa', 'loveseat',
'endtable', 'clubchair')
orderDate IN
({d '2005-10-10'}, {d '2005-10-17'})
Pattern-matching
Tests whether the value of a string field matches or does not match a specified pattern using Like or Not Like. % matches zero or more characters. _ matches one character.
custName LIKE 'Smith%'
custName LIKE 'Smiths_n'
custState NOT LIKE 'CA%'
Null value
Tests whether a field has or does not have a null, or missing, value using Is Null or Is Not Null.
manager IS NULL
shipDate IS NULL
shipDate IS NOT NULL
Report Context Menus
Use context menus as shortcuts to performing data formatting and organizing tasks. To bring up a context menu, right click an element in a report. The context menu options that are displayed are unique to the element selected.
Table A-33 Report Context Menus
Option
Description
Aggregation
Opens a dialog box that supports creating an aggregate row for this column.
Alignment
Opens a submenu that contains:
•Align Left. Aligns the column data to the left.
•Align Center. Centers the column data.
•Align Right. Aligns the column data to the right.
Calculation
Opens a submenu that supports creating a calculated column based on this column.
Chart
Opens a submenu that supports inserting a chart.
Column
Opens a submenu that contains:
•Delete Column. Deletes the selected column.
•Reorder Columns. Opens a dialog box that supports changing the order of columns in the report design.
•Column Width. Opens the Column Properties dialog box, which supports setting the column width.
•Do Not Repeat Values. Suppresses consecutive duplicate data values in a column. If the column is already set to Do Not Repeat Values, this menu item changes to Repeat Values.
Data Fields
Opens a dialog box that displays the report columns. Supports adding or removing data fields.
Filter
Opens a submenu that contains:
•Filter. Opens a dialog box that supports creating filters based on this column.
•Top or Bottom N. Opens a dialog box that supports displaying the highest or lowest n values or the highest or lowest n percent in the column.
Format Data
Opens a dialog box that supports formatting the data type. For example, if the column contains numeric data, the Number column format dialog box opens and you can format the data as currency, percentages, and so on.
Group
Opens a submenu that contains:
•Add Group. Creates a group based on this column. When you select a grouped column, this menu item changes to Delete Group.
•Add Section. Creates a section based on this column. When you select a section column, this menu item changes to Delete Section.
•Hide Detail. Hides the group's or section's detail rows. If the detail rows are hidden, this menu item changes to Show Detail. This option is available when you select a grouped column or a section column.
•Page Break. Sets a page break before or after a group or section. This option is available when you select a grouped column or a section column.
Sort
Opens a submenu that contains:
•Sort Ascending. Sorts the column rows in ascending order.
•Sort Descending. Sorts the column rows in descending order.
•Advanced Sort. Opens the Advanced Sort dialog box, which supports performing a sort based on additional columns.
Style
Opens a submenu that contains:
•Font. Opens the Font dialog box, which supports modifying the font properties of column data.
•Conditional Formatting. Opens a dialog box that supports setting conditional formatting rules for data in this column.
Troubleshoot
To bring up Cisco ISE troubleshooting tools, go to Monitor > Troubleshoot > Diagnostic Tools. Use the following tools to solve problems that may appear on your network:
To access the following General Tools for troubleshooting go to Monitor > Troubleshoot > Diagnostic Tools and expand General Tools in the left panel. Choose from the following tools:
Perform connectivity tests to troubleshoot failed authentications and other problems.
Table A-34 Connectivity Tests
Option
Description
Hostname or IP Address
Enter the hostname or IP address for a connection you want to test. Click Clear to clear the hostname or IP address .
ping
Click ping to view the packets sent and received, packet loss (if any) and the time it takes for the test to complete.
traceroute
Click traceroute to view the intermediary IP addresses (hops) between the Monitoring persona node and the tested hostname or IP address, and the time it takes for each hop to complete.
nslookup
Click nslookup cto view the server and IP address of your tested domain name server hostname or IP address.
RADIUS Authentication Troubleshooter
Check RADIUS authentication results and troubleshoot problems that may occur.
Table A-35 RADIUS Authentication Troubleshooter
Option
Description
Search and select a RADIUS authentication for troubleshooting
Username
Enter the username of the user whose authentication you want to troubleshoot, or click Select to choose the username from a list. Click Clear to clear the username.
MAC Address
Enter the MAC address of the device that you want to troubleshoot, or click Select to choose the MAC address from a list. Click Clear to clear the MAC address.
Audit Session ID
Enter the audit session ID that you want to troubleshoot. Click Clear to clear the audit session ID.
NAS IP
Enter the NAS IP address or click Select to choose the NAS IP address from a list. Click Clear to clear the NAS IP address.
NAS Port
Enter the NAS port number or click Select to choose a NAS port number from a list. Click Clear to clear the NAS port number.
Authentication Status
Choose the status of your RADIUS authentication from the Authentication Status drop-down list box. The available options are:
•Pass or Fail
•Pass
•Fail
Failure Reason
Enter the failure reason or click Select to choose a failure reason from a list. Click Clear to clear the failure reason.
Time Range
Select a time range from the drop-down list. The RADIUS authentication records that are created during this time range are used:
•Last hour
•Last 12 hours
•Today
•Yesterday
•Last 7 days
•Last 30 days
•Custom
Start Date-Time
(Only if you choose Custom Time Range) Enter the start date and time, or click the calendar icon to select the start date and time. The date should be in the mm/dd/yyyy format and time in the hh:mm format.
End Date-Time
(Only if you choose Custom Time Range) Enter the end date and time, or click the calendar icon to select the end date and time. The date should be in the mm/dd/yyyy format and time in the hh:mm format.
Fetch Number of Records
Choose the number of records that you want to fetch from the drop-down list: 10, 20, 50, 100, 200, or 500.
The steps for resolution of the problem are detailed here.
Troubleshooting Summary
<Summary>
A step-by-step summary of troubleshooting information is provided here. You can expand any step to view further details.
Note Any configuration errors are indicated by red text.
Execute Network Device Command
Execute the show command on a network device.
Table A-38 Execute Network Device Command
Option
Description
Enter Information
Network Device IP
Enter the IP address of the network device on which you want to run the command.
Command
Enter the show command.
Evaluate Configuration Validator
Evaluate the configuration of a network device and identify any configuration problems.
Table A-39 Evaluate Configuration Validator
Option
Description
Enter Information
Network Device IP
Enter the IP address of the network device whose configuration you want to evaluate.
Select the configuration items below that you want to compare against the recommended template.
AAA
This option is selected by default.
RADIUS
This option is selected by default.
Device Discovery
This option is selected by default.
Logging
This option is selected by default.
Web Authentication
Select this check box to compare the web authentication configuration.
Profiler Configuration
Select this check box to compare the Profiler configuration.
SGA
Check this check box if you want to compare Security Group Access configuration.
802.1X
Check this check box if you want to compare the 802.1X configuration, and choose one of the following options:
•Open Mode
•Low Impact Mode (Open Mode + ACL)
•High Security Mode (Closed Mode)
Progress Details
Table A-40 Progress Details
Option
Description
Specify Connection Parameters for Network Device a.b.c.d
Username
Enter the username for logging in to the network device.
Password
Enter the password.
Protocol
Choose the protocol from the Protocol drop-down list. Valid options are:
•Telnet
•SSHv2
Note Telnet is the default option. If you choose SSHv2, you must ensure that SSH connections are enabled on the network device.
Port
Enter the port number.
Enable Password
Enter the enable password.
Same As Login Password
Check this check box if the enable password is the same as the login password.
Use Console Server
Check this check box to use the console server.
Console IP Address
(Only if you check the Use Console Server check box) Enter the console IP address.
Advanced (Use these if you see an "Expect timeout error" or you know that the device has non-standard prompt strings)
Note The Advanced options appear only for some of the troubleshooting tools.
Username Expect String
Enter the string that the network device uses to prompt for username; for example, Username:, Login:, and so on.
Password Expect String
Enter the string that the network device uses to prompt for password; for example, Password:.
Prompt Expect String
Enter the prompt that the network device uses. For example, #, >, and @.
Authentication Failure Expect String
Enter the string that the network device returns when there is an authentication failure; for example, Incorrect password, Login invalid, and so on.
Results Summary
Table A-41 Results Summary
Option
Description
Diagnosis and Resolution
Diagnosis
The diagnosis for the problem is listed here.
Resolution
The steps for resolution of the problem are detailed here.
Troubleshooting Summary
<Summary>
A step-by-step summary of troubleshooting information is provided here. You can expand any step to view further details.
Note Any configuration errors are indicated by red text.
Posture Troubleshooting
Find and resolve posture problems on the network.
Table A-42 Posture Troubleshooting
Option
Description
Search and Select a Posture event for troubleshooting
Username
Enter the username to filter on.
MAC Address
Enter the MAC address to filter on, using format: xx-xx-xx-xx-xx-xx
Posture Status
Select the authentication status to filter on:
•Any
•Compliant
•Noncompliant
•Unknown
Failure Reason
Enter the failure reason or click Select to choose a failure reason from a list. Click Clear to clear the failure reason.
Time Range
Select a time range from the drop-down list . The RADIUS authentication records that are created during this time range are used:
•Last hour
•Last 12 hours
•Today
•Yesterday
•Last 7 days
•Last 30 days
•Custom
Start Date-Time:
(Only if you choose Custom Time Range) Enter the start date and time, or click the calendar icon to select the start date and time. The date should be in the mm/dd/yyyy format and time in the hh:mm format.
End Date-Time:
(Only if you choose Custom Time Range) Enter the end date and time, or click the calendar icon to select the start date and time. The date should be in the mm/dd/yyyy format and time in the hh:mm format.
Fetch Number of Records
Select the number of records to display: 10, 20, 50, 100, 200, 500
Search Result
Time
Time of the event
Status
Posture status
Username
User name associated with the event
MAC Address
MAC address of the system
Failure Reason
Failure reason for the event
TCP Dump
Use the tcpdump utility to monitor the contents of packets on a network interface and troubleshoot problems on the network as they appear.
Table A-43 TCP Dump
Option
Description
Status:
•Stopped—the tcpdump utility is not running
•Start—Click to start the tcpdump utility monitoring the network.
•Stop—Click to stop the tcpdump utility
Host Name
Choose the name of the host to monitor from the drop-down list.
Network Interface
Choose the network interface to monitor from the drop-down list.
Promiscuous Mode
•On—Click to turn on promiscuous mode (default).
•Off—Click to turn off promiscuous mode.
Promiscuous mode is the default packet sniffing mode. It is recommended that you leave it set to On. In this mode the network interface is passing all traffic to the system's CPU.
Filter
Enter a boolean expression on which to filter. Standard tcpdump filter expressions are supported.
Format
Select a format for the tcpdump file from the drop-down list:
•Human Readable
•Raw Packet Data
Dump File
Displays data on the last dump file, such as the following:
Last created on Wed Apr 27 20:42:38 UTC 2011 by admin
File size: 3,744 bytes
Format: Raw Packet Data
Host Name: Positron
Network Interface: GigabitEthernet 0
Promiscuous Mode: On
•Download—Click to download the most recent dump file.
•Delete—Click to delete the most recent dump file.
Security Group Access Tools
To access the following General Tools for troubleshooting go to Monitor > Troubleshoot > Diagnostic Tools and expand Security Group Access Tools in the left panel. Choose from the following tools:
Compare Security Group Access-enabled devices using theEgress policy diagnostic too.
Progress Details
Table A-44 Progress Details for Egress SGACL Policy
Option
Description
Specify Connection Parameters for Network Device a.b.c.d
Username
Enter the username for logging in to the network device.
Password
Enter the password.
Protocol
Choose the protocol from the Protocol drop-down list. Valid options are:
•Telnet
•SSHv2
Note Telnet is the default option. If you choose SSHv2, you must ensure that SSH connections are enabled on the network device.
Port
Enter the port number.
Enable Password
Enter the enable password.
Same As Login Password
Check this check box if the enable password is the same as the login password.
Use Console Server
Check this check box to use the console server.
Console IP Address
(Only if you check the Use Console Server check box) Enter the console IP address.
Advanced (Use these if you see an "Expect timeout error" or you know that the device has non-standard prompt strings)
Note The Advanced options appear only for some of the troubleshooting tools.
Username Expect String
Enter the string that the network device uses to prompt for username; for example, Username:, Login:, and so on.
Password Expect String
Enter the string that the network device uses to prompt for password; for example, Password:.
Prompt Expect String
Enter the prompt that the network device uses. For example, #, >, and @.
Authentication Failure Expect String
Enter the string that the network device returns when there is an authentication failure; for example, Incorrect password, Login invalid, and so on.
Results Summary
Table A-45 Results Summary for Egress SGACL Policy
Option
Description
Diagnosis and Resolution
Diagnosis
The diagnosis for the problem is listed here.
Resolution
The steps for resolution of the problem are detailed here.
Troubleshooting Summary
<Summary>
A step-by-step summary of troubleshooting information is provided here. You can expand any step to view further details.
Note Any configuration errors are indicated by red text.
SXP-IP Mappings
Compare SXP-IP mappings between a device and its peers.
Peer SXP Devices
Table A-46 Peer SXP Devices for SXP-IP Mappings
Option
Description
Peer SXP Devices
Peer IP Address
IP address of the peer SXP device.
VRF
The VRF instance of the peer device.
Peer SXP Mode
The SXP mode of the peer device; for example, whether it is a speaker or a listener.
Self SXP Mode
The SXP mode of the network device; for example, whether it is a speaker or a listener.
Connection State
The status of the connection.
Common Connection Parameters
User Common Connection Parameters
Check this check box to enable common connection parameters for all the peer SXP devices.
Note If the common connection parameters are not specified or if they do not work for some reason, the Expert Troubleshooter again prompts you for connection parameters for that particular peer device.
Username
Enter the username of the peer SXP device.
Password
Enter the password to gain access to the peer device.
Protocol
•Choose the protocol from the Protocol drop-down list box. Valid options are:
–Telnet
–SSHv2
Note Telnet is the default option. If you choose SSHv2, you must ensure that SSH connections are enabled on the network device.
Port
•Enter the port number. The default port number for Telnet is 23 and SSH is 22.
Enable Password
Enter the enable password if it is different from your login password.
Same as login password
Check this check box if your enable password is the same as your login password.
Progress Details
Table A-47 Progress Details for SXP-IP Mappings
Option
Description
Specify Connection Parameters for Network Device a.b.c.d
Username
Enter the username for logging in to the network device.
Password
Enter the password.
Protocol
Choose the protocol from the Protocol drop-down list. Valid options are:
•Telnet
•SSHv2
Note Telnet is the default option. If you choose SSHv2, you must ensure that SSH connections are enabled on the network device.
Port
Enter the port number.
Enable Password
Enter the enable password.
Same As Login Password
Check this check box if the enable password is the same as the login password.
Use Console Server
Check this check box to use the console server.
Console IP Address
(Only if you check the Use Console Server check box) Enter the console IP address.
Advanced (Use these if you see an "Expect timeout error" or you know that the device has non-standard prompt strings)
Note The Advanced options appear only for some of the troubleshooting tools.
Username Expect String
Enter the string that the network device uses to prompt for username; for example, Username:, Login:, and so on.
Password Expect String
Enter the string that the network device uses to prompt for password; for example, Password:.
Prompt Expect String
Enter the prompt that the network device uses. For example, #, >, and @.
Authentication Failure Expect String
Enter the string that the network device returns when there is an authentication failure; for example, Incorrect password, Login invalid, and so on.
Results Summary
Table A-48 Results Summary for SXP-IP Mappings
Option
Description
Diagnosis and Resolution
Diagnosis
The diagnosis for the problem is listed here.
Resolution
The steps for resolution of the problem are detailed here.
Troubleshooting Summary
<Summary>
A step-by-step summary of troubleshooting information is provided here. You can expand any step to view further details.
Note Any configuration errors are indicated by red text.
IP User SGT
Use the IP User SGT diagnostic tool to compare IP-SGT values on a device with an ISE assigned SGT.
Table A-49 IP User SGT
Option
Description
Enter Information
Network Device IP
Enter the IP address of the network device.
Filter Results
Username
Enter the username of the user whose records you want to troubleshoot.
User IP Address
Enter the IP address of the user whose records you want to troubleshoot.
SGT
Enter the user SGT value.
Progress Details
Table A-50 Progress Details for IP User SGT
Option
Description
Specify Connection Parameters for Network Device a.b.c.d
Username
Enter the username for logging in to the network device.
Password
Enter the password.
Protocol
Choose the protocol from the Protocol drop-down list. Valid options are:
•Telnet
•SSHv2
Note Telnet is the default option. If you choose SSHv2, SSH connections must be enabled on the network device.
Port
Enter the port number.
Enable Password
Enter the enable password.
Same As Login Password
Check this check box if the enable password is the same as the login password.
Use Console Server
Check this check box to use the console server.
Console IP Address
(Only if you check the Use Console Server check box) Enter the console IP address.
Advanced (Use these if you see an "Expect timeout error" or you know that the device has non-standard prompt strings)
Note Advanced options appear only for some of the troubleshooting tools.
Username Expect String
Enter the string that the network device uses to prompt for username; for example, Username:, Login:, and so on.
Password Expect String
Enter the string that the network device uses to prompt for password; for example, Password:.
Prompt Expect String
Enter the prompt that the network device uses. For example, #, >, and @.
Authentication Failure Expect String
Enter the string that the network device returns when there is an authentication failure; for example, Incorrect password, Login invalid, and so on.
Results Summary
Table A-51 Results Summary for IP User SGT
Option
Description
Diagnosis and Resolution
Diagnosis
The diagnosis for the problem is listed here.
Resolution
The steps for resolution of the problem are detailed here.
Troubleshooting Summary
<Summary>
A step-by-step summary of troubleshooting information is provided here. You can expand any step to view further details.
Note Any configuration errors are indicated by red text.
Device SGT
Use the Device SGT diagnostic tool to compare the device SGT with the most recently assigned value.
Table A-52 Device SGT
Option
Description
Enter Information
Network Device IPs (comma-separated list)
Enter the network device IP addresses (whose device SGT you want to compare with an ISE-assigned device SGT) separated by commas.
Common Connection Parameters
Use Common Connection Parameters
Select this check box to use the following common connection parameters for comparison:
•Username—Enter the username of the network device.
•Password—Enter the password.
•Protocol—Choose the protocol from the Protocol drop-down list box. Valid options are:
–Telnet
–SSHv2
Note Telnet is the default option. If you choose SSHv2, SSH connections must be enabled on the network device.
•Port—Enter the port number. The default port number for Telnet is 23 and SSH is 22.
Enable Password
Enter the enable password if it is different from your login password.
Same as login password
Select this check box if your enable password is the same as your login password.
Policy
This section covers the following user interface elements:
Check this check box to configure Cisco ISE to process the Host Lookup field (for example, when the RADIUS Service-Type equals 10) and use the System UserName attribute from the RADIUS Calling-Station-ID attribute. Uncheck this check box if you want Cisco ISE to ignore the Host Lookup request and use the original value of the system UserName attribute for authentication. When unchecked, message processing is done according to the protocol (for example, PAP).
Authentication Protocols
Allow PAP/ASCII
This option enables PAP/ASCII. PAP uses cleartext passwords (that is, unencrypted passwords) and is the least secure authentication protocol.
When you check the Allow PAP/ASCII check box, you can check the Detect PAP as Host Lookup check box to configure Cisco ISE to detect this type of request as a Host Lookup (instead of PAP) request.
Allow CHAP
This option enables CHAP authentication. CHAP uses a challenge-response mechanism with password encryption. CHAP does not work with Microsoft Active Directory.
Allow MS-CHAPv1
This option enables MS-CHAPv1.
Allow MS-CHAPv2
This option enables MS-CHAPv2.
Allow EAP-MD5
This option enables EAP-based MD5 hashed authentication.
When you check the Allow EAP-MD5 check box, you can check the Detect EAP-MD5 as Host Lookup check box to configure Cisco ISE to detect this type of request as a Host Lookup (instead of EAP-MD5) request.
Allow EAP-TLS
This option enables the EAP-TLS Authentication protocol and configures EAP-TLS settings. You can specify how Cisco ISE will verify the user identity as presented in the EAP identity response from the end-user client. User identity is verified against information in the certificate that the end-user client presents. This comparison occurs after an EAP-TLS tunnel is established between Cisco ISE and the end-user client.
Note EAP-TLS is a certificate-based authentication protocol. EAP-TLS authentication can occur only after you have completed the required steps to configure certificates. Refer to Chapter 12, "Managing Certificates" for more information on certificates.
Allow LEAP
This option enables Lightweight Extensible Authentication Protocol (LEAP) authentication.
Allow PEAP
This option enables the PEAP authentication protocol and PEAP settings. The default inner method is MS-CHAPv2.
When you check the Allow PEAP check box, you can configure the following PEAP inner methods:
•Allow EAP-MS-CHAPv2—Check this check box to use EAP-MS-CHAPv2 as the inner method.
–Allow Password Change—Check this check box for Cisco ISE to support password changes.
–Retry Attempts—Specifies how many times Cisco ISE requests user credentials before returning login failure. Valid values are 1 to 3.
•Allow EAP-GTC—Check this check box to use EAP-GTC as the inner method.
–Allow Password Change—Check this check box for Cisco ISE to support password changes.
–Retry Attempts—Specifies how many times Cisco ISE requests user credentials before returning login failure. Valid values are 1 to 3.
•Allow EAP-TLS—Check this check box to use EAP-TLS as the inner method.
Allow EAP-FAST
This option enables the EAP-FAST authentication protocol and EAP-FAST settings. The EAP-FAST protocol can support multiple internal protocols on the same server. The default inner method is MS-CHAPv2.
When you check the Allow EAP-FAST check box, you can configure EAP-FAST as the inner method:
•Allow EAP-MS-CHAPv2
–Allow Password Change—Check this check box for Cisco ISE to support password changes in phase zero and phase two of EAP-FAST.
–Retry Attempts—Specifies how many times Cisco ISE requests user credentials before returning login failure. Valid values are 1-3.
•Allow EAP-GTC
•Allow Password Change—Check this check box for Cisco ISE to support password changes in phase zero and phase two of EAP-FAST.
•Retry Attempts—Specifies how many times Cisco ISE requests user credentials before returning login failure. Valid values are 1-3.
•Use PACs—Choose this option to configure Cisco ISE to provision authorization PACs1 for EAP-FAST clients. Additional PAC options appear.
•Don't use PACs—Choose this option to configure Cisco ISE to use EAP-FAST without issuing or accepting any tunnel or machine PACs. All requests for PACs are ignored and Cisco ISE responds with a Success-TLV without a PAC.
When you choose this option, you can configure Cisco ISE to perform machine authentication.
•Tunnel PAC Time to Live—The TTL1 value restricts the lifetime of the PAC. Specify the lifetime value and units. The default is 90 days. The range is between 1 and 1825 days.
•Proactive PAC Update When: <n%> of PAC TTL is Left—The Update value ensures that the client has a valid PAC. Cisco ISE initiates an update after the first successful authentication but before the expiration time that is set by the TTL. The update value is a percentage of the remaining time in the TTL. The default is 90%.
•Allow Anonymous In-band PAC Provisioning—Check this check box for Cisco ISE to establish a secure anonymous TLS handshake with the client and provision it with a PAC by using phase zero of EAP-FAST with EAP-MSCHAPv2.
Note To enable anonymous PAC provisioning, you must choose both of the inner methods, EAP-MSCHAPv2 and EAP-GTC.
•Allow Authenticated In-band PAC Provisioning—Cisco ISE uses SSL server-side authentication to provision the client with a PAC during phase zero of EAP-FAST. This option is more secure than anonymous provisioning but requires that a server certificate and a trusted root CA be installed on Cisco ISE.
When you check this option, you can configure Cisco ISE to return an Access-Accept message to the client after successful authenticated PAC provisioning.
–Server Returns Access Accept After Authenticated Provisioning—Check this check box if you want Cisco ISE to return an access-accept package after authenticated PAC provisioning.
•Allow Machine Authentication—Check this check box for Cisco ISE to provision an end-user client with a machine PAC and perform machine authentication (for end-user clients who do not have the machine credentials). The machine PAC can be provisioned to the client by request (in-band) or by the administrator (out-of-band). When Cisco ISE receives a valid machine PAC from the end-user client, the machine identity details are extracted from the PAC and verified in the Cisco ISE external identity source. After these details are correctly verified, no further authentication is performed.
Note Cisco ISE only supports Active Directory as an external identity source for machine authentication.
When you check this option, you can enter a value for the amount of time that a machine PAC is acceptable for use. When Cisco ISE receives an expired machine PAC, it automatically reprovisions the end-user client with a new machine PAC (without waiting for a new machine PAC request from the end-user client).
•Enable Stateless Session Resume—Check this check box for Cisco ISE to provision authorization PACs for EAP-FAST clients and always perform phase two of EAP-FAST (default = enabled).
Uncheck this check box in the following cases:
–If you do not want Cisco ISE to provision authorization PACs for EAP-FAST clients
–To always perform phase two of EAP-FAST
When you check this option, you can enter the authorization period of the user authorization PAC. After this period, the PAC expires. When Cisco ISE receives an expired authorization PAC, it performs phase two EAP-FAST authentication.
•Preferred EAP Protocol—Check this check box to choose your preferred EAP protocols from any of the following options: EAP-FAST, PEAP, LEAP, EAP-TLS, and EAP-MD5. By default, LEAP is the preferred protocol to use if you do not enable this field.
To access system monitoring tools go to Administration > System > Settings, then expand Monitoring in the left panel. This section covers the user interface elements for the following monitoring tools:
Define the destination where alarm syslog messages are sent.
Table A-55 Alarm Syslog Targets
Option
Description
Identification
Name
Name of the alarm syslog target. The name can be 255 characters in length.
Description
(Optional) A brief description of the alarm that you want to create. The description can be up to 255 characters in length.
Configuration
IP Address
IP address of the machine that receives the syslog message. This machine must have the syslog server running on it. It is recommended that you use a Windows or a Linux machine to receive syslog messages.
Use Advanced Syslog Options
Port
Port in which the remote syslog server listens. By default, it is set to 514. Valid options are from 1 to 65535.
Facility Code
Syslog facility code to be used for logging. Valid options are Local0 through Local7.
Email Settings
Define the email address for the mail server and the name that is shown for messages received from the mail server, such as admin@somedomain.com.
Table A-56 Email Settings
Option
Description
Mail Server
Enter a valid email host server.
Mail From
Enter the name that users see when they receive a message from the mail server, such as admin@somedomain.com.
Failure Reasons Editor
View and edit failure reasons.
Viewing Failure Reasons
Table A-57 Viewing Failure Reasons
Option
Description
Failure Reasons
The name of possible failure reasons. Click a failure reason name to open the Failure Reasons Editor page.
Editing Failure Reasons
Table A-58 Editing Failure Reasons
Option
Description
Failure Reason
Display only. The error code and associated failure reason name.
Description
Enter a free text description of the failure reason to assist administrators; use the text tools as needed.
Resolution Steps
Enter a free text description of possible resolution steps for the failure reason to assist administrators; use the text tools as needed.
Results Summary
Table A-59 Results Summary for Failure Reasons
Option
Description
Diagnosis and Resolution
Diagnosis
The diagnosis for the problem is listed here.
Resolution
The steps for resolution of the problem are detailed here.
Troubleshooting Summary
<Summary>
A step-by-step summary of troubleshooting information is provided here. You can expand any step to view further details.
Note Any configuration errors are indicated by red text.
System Alarm Settings
Enable, disable, and configure system alarm notification settings.
Table A-60 System Alarm Settings
Option
Description
System Alarm Settings
Notify System Alarms
Check this check box to enable system alarm notification.
System Alarms Suppress Duplicates
Designate the number of hours that you want to suppress duplicate system alarms from being sent to the Email Notification User List. Valid options are 1, 2, 4, 6, 8, 12, and 24.
Email Notification
Email Notification User List
Enter a comma-separated list of e-mail addresses or ISE administrator names or both. Do one of the following:
•Enter the e-mail addresses.
•Click Select and enter valid administrator names. The administrator is notified by e-mail only if e-mail identification is specified in that administrator's account.
When a system alarm occurs, an e-mail is sent to all the recipients in the Email Notification User List.
Click Clear to clear this field.
Email in HTML Format
Select this check box to send e-mail notifications in HTML format, or uncheck to send s plain text.
Syslog Notification
Send Syslog Message
Select this check box to send a syslog message for each system alarm generates
Note To send syslog messages successfully, you must configure Alarm Syslog Targets, which are syslog message destinations. See, Configuring Alarm Syslog Targets, page 22-53 for more information.
System > Operations > Data Management > Monitoring Node
To monitoring data management tools go to Administration > System > Operations, then expand Data Management > Monitoring Node in the left panel. This section covers the user interface elements for the following tools:
Perform a full backup of the monitoring database on demand.
Table A-61 Full Backup On Demand
Option
Description
Data Repository
Select a repository from the drop-down list, in which to back up the monitoring database. If no repository is selected, a backup will not occur.
Backup Now
Click to perform a full backup of the monitoring database.
Full Backup On Demand Status
Shows the Name, Start Time, End Time, and Status of an on demand backup.
Scheduled Backup
Schedule an incremental or full monitoring database backup.
Table A-62 Scheduled Backup
Option
Description
Incremental Backup
On
Click the On radio button to enable incremental backup.
Off
Click the Off radio button to disable incremental backup.
Configure Incremental Monitor Database Backup
Data Repository
Select a data repository for the backup files.
Schedule
Select the time of the day to perform the incremental backup.
Frequency
Choose the frequency of incremental backups:
•Daily
•Weekly—Typically occurs at the end of every week.
•Monthly—Typically occurs at the end of every month.
Configure Full Monitor Database Backup
Data Repository
Select a data repositoryused to store the backup files.
Schedule
Select the time of the day to perfrom the database backup.
Frequency
Choose the frequency of the backups:
•Daily—Occurs at the specified time each day.
•Weekly—Occurs on the last day of every week.
•Monthly—Occurs on the last day of every month.
Data Purging
Purge data prior to an incremental or full backup.
Table A-63 Data Purging
Option
Description
Data Purging
Percentage of Disk Space
Enter a numerical percentage value for allowed disk space usage. This threshold triggers a purge when disk space usage meets or exceeds this value. The default is 80 percent. The maximum value allowed is 100 percent.
Data Repository
Select the data repository to backup data prior to purge.
Maximum Stored Data Period
Enter a value in (30-day) months to be utilized when the disk space usage threshold for purging (Percentage of Disk Space) is met.
Note For this option, each month consists of 30 days. The default of three months equals 90 days.
Submit
Click to proceed with the data purge.
Cancel
Click to exit without purging data.
Data Restore
Restore a full or incremental backup.
Table A-64 Data Restore
Column
Description
Available Backups to Restore
Select the radio button next to the name of the backup you want to restore. The backup filename includes the time stamp. For example, ISEViewBackup-20090618_003400.
Date
Shows the date of the backup
Repository
Shows the name of the repository where the backup is stored.
Type
Shows the type of backup, full or incremental
Restore
Click to restore the selected backup of the monitoring database.