Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1742
Views
0
Helpful
3
Replies

ISE authentication reports parsed and emailed

Go to solution
Richard Lucht
Level 1
Level 1

‎07-02-2020 01:40 PM

Currently I have ISE export csv files of failed authentication attempts to a folder on a share drive through a SFTP connection. What I would like to do is have the csv exported then parsed for specific columns then emailed to certain users.  We are performing network access control for a great deal of agencies and only certain reports should go to certain people.  I currently export 2 reports daily and 1 monthly.  I would like the relevant info sent to the IT point of contacts through email automatically.  Has anyone set this up?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎07-03-2020 11:25 AM

Yes, with an additional server in the mix though, this can't be done by ISE itself. The exporting of data/report is the easy part, there is no issue getting it out of ISE. Once exported, you can have a scheduled ingestion job running on the SQL server, then have the SQL server send an email once completed. This would typical require a developer/database admin to set up unless you are hiding some SQL skills in your back pocket.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎07-03-2020 11:25 AM

Yes, with an additional server in the mix though, this can't be done by ISE itself. The exporting of data/report is the easy part, there is no issue getting it out of ISE. Once exported, you can have a scheduled ingestion job running on the SQL server, then have the SQL server send an email once completed. This would typical require a developer/database admin to set up unless you are hiding some SQL skills in your back pocket.
0 Helpful

Go to solution
Richard Lucht
Level 1
Level 1
In response to Damien Miller

‎07-06-2020 07:29 AM

Thanks Damien that is the route I am going. Sadly my SQL skills are what I picked up in college years ago and not up to par with this.  We have some talented DBAs that I am talking with.

0 Helpful

Go to solution
Richard Lucht
Level 1
Level 1
In response to Damien Miller

‎07-08-2020 06:13 AM

I went the SQL route and talked with one of our very talented DBAs.  He was able to take my cumbersome report and extract just what I needed to inform the IT contacts at the various agencies of the the unauthenticated devices being added to the network.  It sends out a report in HTML in an email after ISE does its thing.  Thank you

0 Helpful
Customers Also Viewed These Support Documents