cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2494
Views
5
Helpful
5
Replies

ISE collection filter

Staring Hamster
Level 1
Level 1

Hi everyone! I'm trying to create a collection filter for EEM user in Tacacs live logs, but some why it doesn't work. Am i doing something wrong?

Capture.PNG

  

Capture.PNG

1 Accepted Solution

Accepted Solutions

You're running ISE 2.3 patch 2 which means you do not have the ability to filter TACACS authorization requests (bug id CSCvb45390). To enable this feature and fix the behavior you're seeing, you need to download and install the most recent patch for your version. You can get this here, patch 7, ise-patchbundle-2.3.0.298-Patch7-19080206.SPA.x86_64.tar.gz. This is also the last patch that will be provided for ISE 2.3. 
https://software.cisco.com/download/home/283801620/type/283802505/release/2.3.0

ISE 2.3 is also end of life, support ended for it June 17th 2020, you should consider upgrading to newer version.
https://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/bulletin-c25-741734.html

View solution in original post

5 Replies 5

Damien Miller
VIP Alumni
VIP Alumni

Which version and patch are you running? There was a bug/enhancement request for this fixed in recent versions, 2.2p15, 2.3p6, 2.4p6, and 2.6+.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvb45390

we're running the following version and patch

You're running ISE 2.3 patch 2 which means you do not have the ability to filter TACACS authorization requests (bug id CSCvb45390). To enable this feature and fix the behavior you're seeing, you need to download and install the most recent patch for your version. You can get this here, patch 7, ise-patchbundle-2.3.0.298-Patch7-19080206.SPA.x86_64.tar.gz. This is also the last patch that will be provided for ISE 2.3. 
https://software.cisco.com/download/home/283801620/type/283802505/release/2.3.0

ISE 2.3 is also end of life, support ended for it June 17th 2020, you should consider upgrading to newer version.
https://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/bulletin-c25-741734.html

Thank you for your response. I have one more question. Is there any way to filter out AAA accounting for this user in next releases? For example in ISE 3.0

Yes, 2.7, 3.0, and 3.1 all have this fix integrated regardless of patch level.