Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
266
Views
0
Helpful
1
Replies

OpenAPI or ERS to get AuthZ/AuthC Rule hitcounts

jschneider4
Level 1
Level 1

‎03-27-2025 01:49 PM

I would like to use OpenAPI or ERS to query ISE 3.1 for information - the objective is to see which AuthC/AuthZ policy rules are NOT being used to perform eventual cleanup. Can I use OpenAPI or ERS to get hitcounts (in a csv file output) from the established rules? There are a large number of rules and therefore examining each rule via the admin GUI is not desirable

Labels:
0 Helpful
1 Reply 1

Greg Gibbs
Cisco Employee
Cisco Employee

‎03-27-2025 05:32 PM

You would need to use the 'Network Access - Policy Set' OpenAPI to get the ID for the Policy Set you want, then use the 'Network Access - Authorization Rules' OpenAPI to get all of the Authorization Rules. You would then have to parse the results for the name and hitCounts attribute values.

https://developer.cisco.com/docs/identity-services-engine/latest/policy-openapi/

 

0 Helpful
Customers Also Viewed These Support Documents