Cisco Identity Services Engine
The Cisco Identity Services Engine (ISE) connector integrates with Swimlane Turbine. This connector gives Cisco Identity Services Engine (ISE) admins the power to integrate with the ISE Monitoring (MnT) REST API and allows you to retrieve active and historic RADIUS session details.

## Prerequisites

You must have administrator rights and know your URL, username, and password in order to utilize this connector.

## Capabilities

This connector provides the following capabilities:

- Session management
  - Get Active Sessions Counter
  - Get Active Session Lists
- Real-time monitoring and alerting
  - Get MAC Address Session Search
  - Get Authenticated Sessions List
  - Get Profiler Sessions Counter
- Automated response for unauthorized access. CoA session management API calls allow you to send reauthentication and disconnect commands to a specified session on a target Cisco Monitoring ISE node in your Cisco ISE deployment.
  - Change of Authorization Session Disconnect
  - Change of Authorization Session Reauthentication
- Additional session attributes for enhanced security
  - Get NAS IP Address Session Search

## Task Setup

### Get Authenticated Sessions List

Values for the `starttime` and `endtime` path parameters:

| starttime/endtime | Result |
| --- | --- |
| `null/null` | Lists all active authenticated sessions |
| `null/endtime` | Lists all active authenticated sessions after the specified end time |
| `starttime/null` | Lists all active authenticated sessions before the specified start time |
| `starttime/endtime` | Lists all active authenticated sessions between the specified start time and end time |

## Configurations

### Cisco ISE HTTP Basic Authentication

Authenticates using username and password.

#### Configuration Parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| URL | Cisco ISE URL in the address bar of your browser (for example, https://) | string | Required |
| Username | Username | string | Required |
| Password | Password | string | Required |
| Verify SSL | Verify SSL certificate | boolean | Optional |
| HTTP Proxy | A proxy to route requests through | string | Optional |

## Actions

### Change of Authorization Session Disconnect

CoA session management API calls allow you to send disconnect commands to a specified session on a target Cisco Monitoring ISE node in your Cisco ISE deployment.

Endpoint URL: `/admin/api/mnt/coa/disconnect/{{psn_name}}/{{mac}}/{{disconnect}}/{{nad_ip}}/{{endpoint_ip}}`

Method: GET

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| psn_name | string | Required | Name of the resource |
| mac | string | Required | Parameter for Change of Authorization Session Disconnect |
| disconnect | number | Required | Values 0, 1, 2, in reference to DYNAMIC_AUTHZ_PORT_DEFAULT = 0, DYNAMIC_AUTHZ_PORT_BOUNCE = 1, DYNAMIC_AUTHZ_PORT_SHUTDOWN = 2 |
| nad_ip | string | Required | Parameter for Change of Authorization Session Disconnect |
| endpoint_ip | string | Required | Parameter for Change of Authorization Session Disconnect |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Change of Authorization Session Reauthentication

CoA session management API calls allow you to send a reauthentication command to a specified session on a target Cisco Monitoring ISE node in your Cisco ISE deployment.

Endpoint URL: `/admin/api/mnt/coa/reauth/{{psn_name}}/{{mac}}/{{reauth_type}}`

Method: GET

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| psn_name | string | Required | Name of the resource |
| mac | string | Required | Parameter for Change of Authorization Session Reauthentication |
| reauth_type | number | Required | Values 0, 1, 2, in reference to REAUTH_TYPE_DEFAULT = 0, REAUTH_TYPE_LAST = 1, REAUTH_TYPE_RERUN = 2 |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get Active Session Lists

Get a list of all active RADIUS sessions, including new MAC addresses.

Endpoint URL: `/admin/api/mnt/session/activelist`

Method: GET

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get Active Sessions Counter

Retrieve the count of active sessions.

Endpoint URL: `/admin/api/mnt/session/activecount`

Method: GET

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get Authenticated Sessions List

Get a list of all authenticated sessions between start and end timestamps.

Endpoint URL: `/admin/api/mnt/session/authlist/{{starttime}}/{{endtime}}`

Method: GET

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| starttime | string | Required | Start time should be in the format `YYYY-MM-DD hh:mm:ss.s` |
| endtime | string | Required | End time should be in the format `YYYY-MM-DD hh:mm:ss.s` |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get MAC Address Session Search

Get the active RADIUS session for the specified MAC address.

Endpoint URL: `/admin/admin/api/mnt/session/macaddress/{{macaddress}}`

Method: GET

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| macaddress | string | Required | Must use this MAC address format: `XX:XX:XX:XX:XX:XX` |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get NAS IP Address Session Search

Get a list of all active RADIUS sessions for the specified network access device (NAD) NAS IP address. An IPv4 or IPv6 address is allowed.

Endpoint URL: `/admin/api/mnt/session/ipaddress/{{nad_ip}}`

Method: GET

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| nad_ip | string | Required | An IPv4 (`n.n.n.n`) or IPv6 (`xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx`) address is allowed |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get Profiler Sessions Counter

Count of active profiler service sessions, useful for detecting new devices on the network. Use the `profilercount` API call to retrieve a count of all currently active sessions using profiling.

Endpoint URL: `/admin/api/mnt/session/profilercount`

Method: GET

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

## Notes

- For more information on Cisco Identity Services Engine (ISE): Cisco Identity Services Engine (ISE) https://developer.cisco.com/learning/modules/ise/
- Cisco ISE referred API: https://community.cisco.com/t5/security-knowledge-base/ise-monitoring-api-examples/ta-p/4800437#toc-hId-361001803
- For authorization steps: https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/api_ref_guide/api_ref_book/ise_api_ref_ch2.html
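
As an added example (not part of the connector or of Cisco's documentation), the Python below builds the path segments for Get Authenticated Sessions List and Change of Authorization Session Disconnect from the formats documented above, rejecting malformed values before they are placed in an admin API path. The helper names, the hostname pattern assumed for the PSN name and the truncation to tenths of a second are assumptions.

```python
import ipaddress
import re
from datetime import datetime
from enum import IntEnum
from typing import Optional
from urllib.parse import quote

MNT = "/admin/api/mnt"  # path prefix as shown on this page
MAC_RE = re.compile(r"^[0-9A-F]{2}(:[0-9A-F]{2}){5}$")

class DisconnectType(IntEnum):  # values from the disconnect argument table
    DEFAULT = 0
    BOUNCE = 1
    SHUTDOWN = 2

def mac_segment(raw: str) -> str:
    """Normalise a MAC to XX:XX:XX:XX:XX:XX or raise ValueError."""
    mac = raw.strip().upper().replace("-", ":")
    if not MAC_RE.match(mac):
        raise ValueError(f"not a MAC address: {raw!r}")
    return mac

def ip_segment(raw: str) -> str:
    """Accept only a literal IPv4/IPv6 address; anything else raises."""
    return str(ipaddress.ip_address(raw.strip()))

def time_segment(ts: Optional[datetime]) -> str:
    """Format as YYYY-MM-DD hh:mm:ss.s, or the literal 'null' when unset."""
    if ts is None:
        return "null"
    text = ts.strftime("%Y-%m-%d %H:%M:%S.") + str(ts.microsecond // 100000)
    return quote(text, safe=":")  # only the space needs percent-encoding

def authlist_path(start: Optional[datetime], end: Optional[datetime]) -> str:
    return f"{MNT}/session/authlist/{time_segment(start)}/{time_segment(end)}"

def disconnect_path(psn_name: str, mac: str, kind: int,
                    nad_ip: str, endpoint_ip: str) -> str:
    # Assumption: PSN names are plain hostnames (letters, digits, '.', '-').
    if not re.fullmatch(r"[A-Za-z0-9.-]+", psn_name):
        raise ValueError(f"unexpected characters in PSN name: {psn_name!r}")
    # DisconnectType(kind) raises ValueError for anything other than 0, 1, 2.
    return "/".join([MNT, "coa/disconnect", psn_name, mac_segment(mac),
                     str(int(DisconnectType(kind))), ip_segment(nad_ip),
                     ip_segment(endpoint_ip)])
```

Validating each segment matters when the MAC or IP comes from an alert field rather than an operator, because the value is concatenated directly into the request path.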