Activity in DevNet Security
Cisco ISE Guest User Bulk Creation
Cisco ISE Guest User Bulk Creation with Python and the ERS APIManaging guest accounts in Cisco Identity Services Engine (ISE) is a common operational task for network engineers. Whether onboarding a handful of contractors or provisioning hundreds of ...
Versioning and Production for Workflows
Currently, I might go through several different versions of a workflow or atomic. Is there a best practice or a way to do versioning? Since there is no undo button for removing elements, I have become much more judgmental about how to implement certa...
Resolved! XDR Initial Response - Secure Endpoint Scan
As part of an initial incident response, I would like to run a full scan from a secure endpoint. Although I searched, I do not see this in the API documentation showing this as an option at the moment.Is there a different way to approach this, or is ...
Resolved! XDR Automation Rule targeting Detections
Automation Rules can target many things, but I would like to use detections as targets rather than incidents, as not all detections are raised to incidents. From the detection alone, there might be certain actions I would like to take. If detections ...
ISE OpenAPI Trusted Certificate upload fails due to malicious content
Hi I've been testing some script againts ISE 3.2.0 OpenAPI to test the functionality and i found an issue in uploading a trusted certificate for Letsencrypt via the openapi. If i download the intermediate certificate from https://letsencrypt.org/cert...
Cisco ISE ERS API does not give a list of sgmappinggroup
Hi,we need to fetch a list of all sgmappinggroup present in ISE (Cisco ISE 3.2 Patch 9). According to the documentation (https://developer.cisco.com/docs/identity-services-engine/v1/ers-open-api-ers-open-api/), the following request should return a l...
FTDv Promiscuous Mode causes tcp-not-syn drops on same ESXi host
We run FTDv HA pair managed by FMC on a 4-node vSAN cluster. Started noticing that VMs on the node where active FTD resides cannot establish TCP sessions (HTTPS, RDP) to resources in the same VLAN, while ICMP works fine. Moving VM to another node fix...
relationship event in SNA
“Is it possible to export all default Relationship and Event policies from Cisco Secure Network Analytics into an Excel format?”
Inquiry Regarding Cisco Umbrella API
Could you please provide information on the Umbrella API?I have reviewed the site below, and my understanding is that it is possible to add identities to existing policies and to create the Destination Lists and Application Lists used by policies.Is ...
How to Configure Certificate-Based Authentication for Cisco ISE API
Overview Certificate-based authentication provides a more secure method for API clients to authenticate without transmitting passwords. Certificate-based authentication for API calls was introduced in Cisco ISE Release 3.3 as a new feature. This guid...
Resolved! Stealtwatch SMC: REST API Invalid JSON error
Hello TeamWhen I doing POST(PowerShell), SMC returns an error:{ "errors" : [ { "code" : 5060, "message" : "The Request received is invalid" }, "Invalid JSON." ] }This is a part of PowerShell script I use: # JSON query body $body = '{ "startDateTime":...
XDR - Requirement Gathering Sheet CRDQ and LLD sample
Hi, Anyone can help to get the sample CRDQ and LLD for Cisco XDR for the Green Field Deployment.
SNA API: retrieving custom events
Hi all, I used Gemini to help me write the following PowerShell script to pull custom events down from Secure Network Analytics, but when I run the script, I get the "The script connected and authenticated successfully, but the API returned 0 events....
for ASAv50 version 9.16.4 how to identify DDOS attatck?
any solution? daily @7PM IST we are observing this issue (peak hours) /act/sec# show memoryFree memory: 12901343152 bytes (82%)Used memory: 2819579984 bytes (18%) /act/sec# show cpu detailedBreak down of per-core data path versus control point cpu ...
How to use get access token for using xdr apis
Hello I am new to Cisco Xdr. We need to use xdr api for judgment https://developer.cisco.com/docs/cisco-xdr/global-intel-api-guide/#sample-code . We are not sure how to get access token ( or api client/secret) for authentication. https://developer.ci...
