01-17-2023 02:46 AM
Hello,
I need to export all the Endpoint ID Groups and members from one ISE cluster and import into another. I've used context visibility to filter for endpoints in the group and then export them. However, there are not as many endpoints as when I go to Admin > ID Mgmt > Groups? There are more when I look in the actual group then when I look via context visibility? There is no option to export from the group section unfortunately.
Any idea why this is and how I get around it?
Many thanks in advance!
Solved! Go to Solution.
01-17-2023 06:33 AM
01-17-2023 07:36 AM
Go to Work Centers > Network Access > Identities. Choose the gear at the far right of the table and enable the Identity Group column. This will allow you to create a filter based on Identity Group.
Create the filter then choose Export > Export Filtered
01-17-2023 04:18 AM
- Check if this procedure could be useful (I have not verified it)
M.
01-17-2023 04:50 AM - edited 01-17-2023 04:51 AM
Hi @marce1000,
Many thanks for your suggestion but there is no "more actions" or "export endpoints" option in the ID group section of the ISE GUI.
01-17-2023 05:22 AM
@mattw selecting the endpoints will only display up to a maximum of 500 rows/page, default is 10.
Export all endpoints to CSV and then use excel skills to filter the endpoints, you can then use this to import to the new cluster.
01-17-2023 06:30 AM
Hi @Rob Ingram,
Thank you for your suggestion. This was the first thing I tried but with over 1 million endpoints known by ISE the exported file was 626MB and Excel couldn't open the entire contents. I could however open into Notepad++ and this also showed fewer endpoints associated with a particular endpoint group then are actually in the group.
I'm thinking that Context Visibility only shows endpoints that it has actually 'seen'? If this is the case, is there a way I can export all endpoints in each endpoint group (and not just the ones that have been seen on the network)?
01-17-2023 06:33 AM
01-17-2023 06:35 AM
BEAUTIFUL! Thank you sir! That should do it!
01-17-2023 07:36 AM
Go to Work Centers > Network Access > Identities. Choose the gear at the far right of the table and enable the Identity Group column. This will allow you to create a filter based on Identity Group.
Create the filter then choose Export > Export Filtered
01-17-2023 07:43 AM
Thank you, this method was simple and easy to export. You saved my day.
01-17-2023 08:46 AM
Thank you @Charlie Moreton but that still didn't show all members of an ID group (I think it only shows members that ISE has seen active on the network).
@Rob Ingram's solution of using the REST API does the trick and shows all members of a group even if they have not been seen connected to the network.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide