Solved: Re: Custom Alarm Notification for diffeent authentication failures to different mailer list

umahar · ‎08-23-2016

We have a use case where in an ODC environment some employees working on certain critical projects are joined to another domain (different from their corporate domain which ISE is using for authentication) . These connect to switches not enrolled in ISE.

As expected when these employees try to connect to switches enrolled in ISE they fail authentication.

The customer's requirement is to send these authentication failure logs in a form of an alarm notification to a particular DL assigned to admins/managers for these projects.

Hence different ODCs will have different alarm notifications going to their respective DLs.

I don't see how that is possible in ISE as I could only see Alarm notifications and not notifications for specific authentication logs.

Please confirm if there is a way to achieve this.

We are migrating customer's environment from NPS to ISE and the customer already has achieved the above use case in NPS.

hariholla · ‎08-23-2016

Only global email notifications for alarms can be set today with ISE, specific / filtered alarms can't be notified to specific email addresses / groups. A SIEM may solve this requirement.

View solution in original post

hariholla · ‎08-23-2016

Only global email notifications for alarms can be set today with ISE, specific / filtered alarms can't be notified to specific email addresses / groups. A SIEM may solve this requirement.