cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
330
Views
4
Helpful
5
Replies

What is the purpose of Timestamp in ConnectionData.xml file

rezaalikhani
Spotlight
Spotlight

Hi all;

Look at the following figure:

rezaalikhani_0-1726910101314.png

As you can see, every primary section has a "timestamp" section. I want to know that what is the purpose of this timestamp?

Thanks

1 Accepted Solution

Accepted Solutions

abertore
Cisco Employee
Cisco Employee

Hi,

First of all sorry for the miss during the presentation  

ConnectioData.xml file is created on the first posture attempt, and in its content initially you will see only one primary record with multiple backup records.

For every Primary record you have a time tag, this tag stores a timestamp when was updated last time in Unix Epoch Format like someone pointed out. 

Now what happens next. When endpoint is moving between PSNs every next server is added as a separate Primary record. In this example the endpoint was connected first time to "ise-s" and we know because timestamp is 1702030758 (10:19:18 ). After the endpoint moved and authenticated to "ise-p" so the record is updated with another primary record showing a new timestamp 1702031250 ( 10:27:30 ). 

ConnectionData.xml sooner or later will have all PSNs in deployment listed as primary entries if endpoint travels a lot, the reason behind it is that they were implemented along with posture lease to ensure agent can locate proper PSN when there is no redirection, if my last connection is showing PSN-X as primary with the latest timestamp I will contact this PSN. 

I hope now its clear  

View solution in original post

5 Replies 5

Arne Bier
VIP
VIP

Not sure, but if you take that integer 1702031250 (unix epoch time) and convert it date/time, you get 

Assuming that this timestamp is in seconds:
GMT: Friday, 8 December 2023 10:27:30
Relative: 9 months ago

Does that ring any bells?  Perhaps the install date of that VM?

 

Hi @Arne Bier and thanks for your reply;

based on my research, this time is not related to the installation date of ISE as every time the client connects to ISE PSN to retrieve posture policies, this time is changed dynamically.

The picture of my post is from CiscoLive 2024, as you can see below:

rezaalikhani_0-1727198619586.png

Unfortunately, the presenter does not explain the "Time" field and its relation to ISE PSN pickup from the client perspective.

 

Would be good to track down the author and get their direct feedback.

I pinged him on Webex Teams.

abertore
Cisco Employee
Cisco Employee

Hi,

First of all sorry for the miss during the presentation  

ConnectioData.xml file is created on the first posture attempt, and in its content initially you will see only one primary record with multiple backup records.

For every Primary record you have a time tag, this tag stores a timestamp when was updated last time in Unix Epoch Format like someone pointed out. 

Now what happens next. When endpoint is moving between PSNs every next server is added as a separate Primary record. In this example the endpoint was connected first time to "ise-s" and we know because timestamp is 1702030758 (10:19:18 ). After the endpoint moved and authenticated to "ise-p" so the record is updated with another primary record showing a new timestamp 1702031250 ( 10:27:30 ). 

ConnectionData.xml sooner or later will have all PSNs in deployment listed as primary entries if endpoint travels a lot, the reason behind it is that they were implemented along with posture lease to ensure agent can locate proper PSN when there is no redirection, if my last connection is showing PSN-X as primary with the latest timestamp I will contact this PSN. 

I hope now its clear