09-21-2024 02:16 AM - edited 09-21-2024 02:16 AM
Hi all;
Look at the following figure:
As you can see, every primary section has a "timestamp" section. I want to know that what is the purpose of this timestamp?
Thanks
Solved! Go to Solution.
09-25-2024 07:06 AM
Hi,
First of all sorry for the miss during the presentation
ConnectioData.xml file is created on the first posture attempt, and in its content initially you will see only one primary record with multiple backup records.
For every Primary record you have a time tag, this tag stores a timestamp when was updated last time in Unix Epoch Format like someone pointed out.
Now what happens next. When endpoint is moving between PSNs every next server is added as a separate Primary record. In this example the endpoint was connected first time to "ise-s" and we know because timestamp is 1702030758 (10:19:18 ). After the endpoint moved and authenticated to "ise-p" so the record is updated with another primary record showing a new timestamp 1702031250 ( 10:27:30 ).
ConnectionData.xml sooner or later will have all PSNs in deployment listed as primary entries if endpoint travels a lot, the reason behind it is that they were implemented along with posture lease to ensure agent can locate proper PSN when there is no redirection, if my last connection is showing PSN-X as primary with the latest timestamp I will contact this PSN.
I hope now its clear
09-22-2024 01:28 PM
Not sure, but if you take that integer 1702031250 (unix epoch time) and convert it date/time, you get
Assuming that this timestamp is in seconds:
GMT: Friday, 8 December 2023 10:27:30
Relative: 9 months ago
Does that ring any bells? Perhaps the install date of that VM?
09-24-2024 10:25 AM
Hi @Arne Bier and thanks for your reply;
based on my research, this time is not related to the installation date of ISE as every time the client connects to ISE PSN to retrieve posture policies, this time is changed dynamically.
The picture of my post is from CiscoLive 2024, as you can see below:
Unfortunately, the presenter does not explain the "Time" field and its relation to ISE PSN pickup from the client perspective.
09-24-2024 01:27 PM
Would be good to track down the author and get their direct feedback.
09-25-2024 06:27 AM
I pinged him on Webex Teams.
09-25-2024 07:06 AM
Hi,
First of all sorry for the miss during the presentation
ConnectioData.xml file is created on the first posture attempt, and in its content initially you will see only one primary record with multiple backup records.
For every Primary record you have a time tag, this tag stores a timestamp when was updated last time in Unix Epoch Format like someone pointed out.
Now what happens next. When endpoint is moving between PSNs every next server is added as a separate Primary record. In this example the endpoint was connected first time to "ise-s" and we know because timestamp is 1702030758 (10:19:18 ). After the endpoint moved and authenticated to "ise-p" so the record is updated with another primary record showing a new timestamp 1702031250 ( 10:27:30 ).
ConnectionData.xml sooner or later will have all PSNs in deployment listed as primary entries if endpoint travels a lot, the reason behind it is that they were implemented along with posture lease to ensure agent can locate proper PSN when there is no redirection, if my last connection is showing PSN-X as primary with the latest timestamp I will contact this PSN.
I hope now its clear
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide