Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
806
Views
0
Helpful
3
Replies

Retrieve endpoint IP Address via ISE ERS or Swagger API

PeterLMSD
Level 1
Level 1

‎09-26-2024 08:51 PM

Running ISE 3.2 Patch 6 I am trying to retrieve the current endpoint status if it is online, and what the current IP address is.

When I query ERS via /ers/config/endpoint/... with the GUID of the endpoint I don't see any IP address values.

When I query using the Swagger API via /api/v1/endpoint/mac-address and the IP address field is empty in the response.

Is there any way via API to see what is shown in the Web UI for the current client IP address that was learnt via Radius Accounting Start, or DHCP Probe?

0 Helpful
3 Replies 3

thomas
Cisco Employee
Cisco Employee

‎09-27-2024 02:00 PM

I cover some options in our ISE Webinar ▷ How to Get Data Out of ISE 

/ers/config/endpoint/ is for endpoint configuration information and their identity group management, not ephemeral IP, posture or other details.

You want session information by MAC or IP or username. For this you want to look at
ISE Monitoring API Examples :

But the MNT APIs only output data in XML.

If you're going to be doing queries for a lot of endpoints, it might be easier and faster to use the ISE DataConnect feature along with my iseql.py script or create your own:

iseql.py -i "SELECT mac_address,endpoint_ip FROM endpoints_data"

mac_address       endpoint_ip
----------------- ---------------
9C:8E:CD:37:DA:13 10.1.10.10
9C:8E:CD:2D:2C:17 10.1.10.20

 

0 Helpful

PeterLMSD
Level 1
Level 1
In response to thomas

‎09-30-2024 02:43 PM

Thanks @thomas that was part of what I am looking for. I am also looking for the device expiry data such as:
ENDPOINTPURGE -> ElapsedDays and InactiveDays 
As the data doesn't seem correct and we have hundreds of thousands of entries in the database which don't seem to be getting purged out.

I can see other posts: CSCwb67601 - Get All Endpoints report inactivedays incorrect data - Cisco Community

As then I can confirm if I want to manually remove the entry rather than relying on the purge process.

0 Helpful

thomas
Cisco Employee
Cisco Employee
In response to PeterLMSD

‎10-01-2024 07:40 AM - edited ‎10-01-2024 11:49 AM

Endpoint Purge / ElapsedDays / InactiveDays is a totally separate and different question. Please start a new thread in the future.

There are currently no options for retrieving the elapseddays or inactivedays attributes from DataConnect that I can see. 8-(

Edit:

I have been using the ISE DataConnect feature recently because it is much faster than the REST APIs any time you have more than 100 objects. The ISE DataConnect : Endpoints_Data table currently has the attributes CREATE_TIME and UPDATE_TIME which are used to calculate the elapseddays and inactivedays attributes, respectively. However, to pull these will require the use of a "fat" SQL client as "thin" clients, like my iseql.py script, cannot retrieve them.

0 Helpful
Customers Also Viewed These Support Documents