Security

Reply
Occasional Contributor I

Help with postgres query on Last Check In

We enabled airwatch to dump data to our clearpass server but wanted to block access to devices that haven't checked in to the airwatch server within 5 days.   We are using the Endpoint:Last Check In variable

 

 

We have the timesource setup as:

 

SELECT (EXTRACT (EPOCH FROM NOW() - interval '5 days'))::int AS Minus5Days;

 

and the service set to:

 

(Endpoint:Last Check In  GREATER_THAN  %{Authorization:[Time Source]:Minus5Days}) with a role that sets it to fail 

 

I think we might have messed up the extract command but we can't figure it out.

 

anyone have any ideas?

 

 

Frequent Contributor I

Re: Help with postgres query on Last Check In

I'm trying to test this too, for example reject dot1x Access to devices/endpoints that have not checking in the past 3 months, 

 

I added a filter in Authentication Sources - [Time Source] and tried to add a role mapping rule base on the filter on the Endpoint last checking. 

 

Any comments how to achive this ? 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: