Security

Hello,

We only have 2 services, EAP TLS and MAC  Auth in CPPM. We are trying to create a "near-time" report from clearpass insight module to export all host information that clearpass policy manager has (IP address, Device Family, Device OS, MAC address).  

Ideally, most of the information available in "Clearpass Policy Manager > Configuration > Identity > Endpoints", would be nice if that could be reported via insight, however when I see same information in insight, most of the information is missing (e.g Device OS family:  Endpoints area show "Dell" or "Microsoft" but same thing to export in Insight we get "unknown").

Is it possible to leverage CPPM or Insight to obtain endpoint reports that has (MAC Addr, Device family, Custom roles (that we assigned), IP address) etc.? I could get "custom roles exported in "Endpoint authentication overview report"  but its missing "Device category, family etc" which is populated in "CPPM>config > identity > endpoints".

if i export that "identity>endpoint" list directly from clearpass, I get an xml file and got to use 'xml to csv' converter to get close to what I want but its not "near-time" (for example, show me all devices / endpoint info that connected in last 24 hours".

Thanks

In Device Insight, if you build a custom report, you can add additional Endpoint attributes to the Raw Data (CSV) Export. Those attributes will include Device Family/Category. 

[Include raw data in output]

Also, check your Database Retention settings in, Administration > Database Settings, to ensure Insight is storing the correct values for you report range. 

Hello,

We only have 2 services, EAP TLS and MAC  Auth in CPPM. We are trying to create a "near-time" report from clearpass insight module to export all host information that clearpass policy manager has (IP address, Device Family, Device OS, MAC address).  

Ideally, most of the information available in "Clearpass Policy Manager > Configuration > Identity > Endpoints", would be nice if that could be reported via insight, however when I see same information in insight, most of the information is missing (e.g Device OS family:  Endpoints area show "Dell" or "Microsoft" but same thing to export in Insight we get "unknown").

Is it possible to leverage CPPM or Insight to obtain endpoint reports that has (MAC Addr, Device family, Custom roles (that we assigned), IP address) etc.? I could get "custom roles exported in "Endpoint authentication overview report"  but its missing "Device category, family etc" which is populated in "CPPM>config > identity > endpoints".

if i export that "identity>endpoint" list directly from clearpass, I get an xml file and got to use 'xml to csv' converter to get close to what I want but its not "near-time" (for example, show me all devices / endpoint info that connected in last 24 hours".

Thanks

Zak,

Thank you for your response.

Is there a template available for custom reports? What report type does it take? XML or CSV? Is there a certain format that custom report expects in order to fetch the attributes from endpoint database that we are interested in?

Thanks

Z

In Device Insight, if you build a custom report, you can add additional Endpoint attributes to the Raw Data (CSV) Export. Those attributes will include Device Family/Category. 

[Include raw data in output]

Also, check your Database Retention settings in, Administration > Database Settings, to ensure Insight is storing the correct values for you report range. 

Hello,

We only have 2 services, EAP TLS and MAC  Auth in CPPM. We are trying to create a "near-time" report from clearpass insight module to export all host information that clearpass policy manager has (IP address, Device Family, Device OS, MAC address).  

Ideally, most of the information available in "Clearpass Policy Manager > Configuration > Identity > Endpoints", would be nice if that could be reported via insight, however when I see same information in insight, most of the information is missing (e.g Device OS family:  Endpoints area show "Dell" or "Microsoft" but same thing to export in Insight we get "unknown").

Is it possible to leverage CPPM or Insight to obtain endpoint reports that has (MAC Addr, Device family, Custom roles (that we assigned), IP address) etc.? I could get "custom roles exported in "Endpoint authentication overview report"  but its missing "Device category, family etc" which is populated in "CPPM>config > identity > endpoints".

if i export that "identity>endpoint" list directly from clearpass, I get an xml file and got to use 'xml to csv' converter to get close to what I want but its not "near-time" (for example, show me all devices / endpoint info that connected in last 24 hours".

Thanks

I may actually suggest, before writing a customer report, using the Standard Report Configuration dialogue.

This gives you the option to Create the "Endpoint Overview" report, and include the Raw CSV. 

Note the "include raw data in output" option

Then you can add the the appropriate attributes/columns in the next setup dialogue:

Zak,

Thank you for your response.

Is there a template available for custom reports? What report type does it take? XML or CSV? Is there a certain format that custom report expects in order to fetch the attributes from endpoint database that we are interested in?

Thanks

Z

In Device Insight, if you build a custom report, you can add additional Endpoint attributes to the Raw Data (CSV) Export. Those attributes will include Device Family/Category. 

[Include raw data in output]

Also, check your Database Retention settings in, Administration > Database Settings, to ensure Insight is storing the correct values for you report range. 

Hello,

We only have 2 services, EAP TLS and MAC  Auth in CPPM. We are trying to create a "near-time" report from clearpass insight module to export all host information that clearpass policy manager has (IP address, Device Family, Device OS, MAC address).  

Ideally, most of the information available in "Clearpass Policy Manager > Configuration > Identity > Endpoints", would be nice if that could be reported via insight, however when I see same information in insight, most of the information is missing (e.g Device OS family:  Endpoints area show "Dell" or "Microsoft" but same thing to export in Insight we get "unknown").

Is it possible to leverage CPPM or Insight to obtain endpoint reports that has (MAC Addr, Device family, Custom roles (that we assigned), IP address) etc.? I could get "custom roles exported in "Endpoint authentication overview report"  but its missing "Device category, family etc" which is populated in "CPPM>config > identity > endpoints".

if i export that "identity>endpoint" list directly from clearpass, I get an xml file and got to use 'xml to csv' converter to get close to what I want but its not "near-time" (for example, show me all devices / endpoint info that connected in last 24 hours".

Thanks

Zak,

We are passed that point.  Already generated and surprisingly, Device Family, Device OS, and all information known to our endpoint database, insight shows as Unknown to all those fields.

that report doesnt get "Framed IP address" even though option exists in the report to pull those fields, they return as empty columns

I may actually suggest, before writing a customer report, using the Standard Report Configuration dialogue.

This gives you the option to Create the "Endpoint Overview" report, and include the Raw CSV. 

Note the "include raw data in output" option

Then you can add the the appropriate attributes/columns in the next setup dialogue:

Zak,

Thank you for your response.

Is there a template available for custom reports? What report type does it take? XML or CSV? Is there a certain format that custom report expects in order to fetch the attributes from endpoint database that we are interested in?

Thanks

Z

In Device Insight, if you build a custom report, you can add additional Endpoint attributes to the Raw Data (CSV) Export. Those attributes will include Device Family/Category. 

[Include raw data in output]

Also, check your Database Retention settings in, Administration > Database Settings, to ensure Insight is storing the correct values for you report range. 

Hello,

We only have 2 services, EAP TLS and MAC  Auth in CPPM. We are trying to create a "near-time" report from clearpass insight module to export all host information that clearpass policy manager has (IP address, Device Family, Device OS, MAC address).  

Ideally, most of the information available in "Clearpass Policy Manager > Configuration > Identity > Endpoints", would be nice if that could be reported via insight, however when I see same information in insight, most of the information is missing (e.g Device OS family:  Endpoints area show "Dell" or "Microsoft" but same thing to export in Insight we get "unknown").

Is it possible to leverage CPPM or Insight to obtain endpoint reports that has (MAC Addr, Device family, Custom roles (that we assigned), IP address) etc.? I could get "custom roles exported in "Endpoint authentication overview report"  but its missing "Device category, family etc" which is populated in "CPPM>config > identity > endpoints".

if i export that "identity>endpoint" list directly from clearpass, I get an xml file and got to use 'xml to csv' converter to get close to what I want but its not "near-time" (for example, show me all devices / endpoint info that connected in last 24 hours".

Thanks

What methods are you using to profile devices and populate your Endpoint Repository? 

Zak,

We are passed that point.  Already generated and surprisingly, Device Family, Device OS, and all information known to our endpoint database, insight shows as Unknown to all those fields.

that report doesnt get "Framed IP address" even though option exists in the report to pull those fields, they return as empty columns

I may actually suggest, before writing a customer report, using the Standard Report Configuration dialogue.

This gives you the option to Create the "Endpoint Overview" report, and include the Raw CSV. 

Note the "include raw data in output" option

Then you can add the the appropriate attributes/columns in the next setup dialogue:

Zak,

Thank you for your response.

Is there a template available for custom reports? What report type does it take? XML or CSV? Is there a certain format that custom report expects in order to fetch the attributes from endpoint database that we are interested in?

Thanks

Z

In Device Insight, if you build a custom report, you can add additional Endpoint attributes to the Raw Data (CSV) Export. Those attributes will include Device Family/Category. 

[Include raw data in output]

Also, check your Database Retention settings in, Administration > Database Settings, to ensure Insight is storing the correct values for you report range. 

Hello,

We only have 2 services, EAP TLS and MAC  Auth in CPPM. We are trying to create a "near-time" report from clearpass insight module to export all host information that clearpass policy manager has (IP address, Device Family, Device OS, MAC address).  

Ideally, most of the information available in "Clearpass Policy Manager > Configuration > Identity > Endpoints", would be nice if that could be reported via insight, however when I see same information in insight, most of the information is missing (e.g Device OS family:  Endpoints area show "Dell" or "Microsoft" but same thing to export in Insight we get "unknown").

Is it possible to leverage CPPM or Insight to obtain endpoint reports that has (MAC Addr, Device family, Custom roles (that we assigned), IP address) etc.? I could get "custom roles exported in "Endpoint authentication overview report"  but its missing "Device category, family etc" which is populated in "CPPM>config > identity > endpoints".

if i export that "identity>endpoint" list directly from clearpass, I get an xml file and got to use 'xml to csv' converter to get close to what I want but its not "near-time" (for example, show me all devices / endpoint info that connected in last 24 hours".

Thanks

Zak,

We are passed that point.  Already generated and surprisingly, Device Family, Device OS, and all information known to our endpoint database, insight shows as Unknown to all those fields.

that report doesnt get "Framed IP address" even though option exists in the report to pull those fields, they return as empty columns

I may actually suggest, before writing a customer report, using the Standard Report Configuration dialogue.

This gives you the option to Create the "Endpoint Overview" report, and include the Raw CSV. 

Note the "include raw data in output" option

Then you can add the the appropriate attributes/columns in the next setup dialogue:

Zak,

Thank you for your response.

Is there a template available for custom reports? What report type does it take? XML or CSV? Is there a certain format that custom report expects in order to fetch the attributes from endpoint database that we are interested in?

Thanks

Z

In Device Insight, if you build a custom report, you can add additional Endpoint attributes to the Raw Data (CSV) Export. Those attributes will include Device Family/Category. 

[Include raw data in output]

Also, check your Database Retention settings in, Administration > Database Settings, to ensure Insight is storing the correct values for you report range. 

Hello,

We only have 2 services, EAP TLS and MAC  Auth in CPPM. We are trying to create a "near-time" report from clearpass insight module to export all host information that clearpass policy manager has (IP address, Device Family, Device OS, MAC address).  

Ideally, most of the information available in "Clearpass Policy Manager > Configuration > Identity > Endpoints", would be nice if that could be reported via insight, however when I see same information in insight, most of the information is missing (e.g Device OS family:  Endpoints area show "Dell" or "Microsoft" but same thing to export in Insight we get "unknown").

Is it possible to leverage CPPM or Insight to obtain endpoint reports that has (MAC Addr, Device family, Custom roles (that we assigned), IP address) etc.? I could get "custom roles exported in "Endpoint authentication overview report"  but its missing "Device category, family etc" which is populated in "CPPM>config > identity > endpoints".

if i export that "identity>endpoint" list directly from clearpass, I get an xml file and got to use 'xml to csv' converter to get close to what I want but its not "near-time" (for example, show me all devices / endpoint info that connected in last 24 hours".

Thanks

Unfortunately, we are in a similar situation with RADIUS authentication of users through a VPN device.  In Policy Manager we can see the Source IP address as End-Host Identifier, RADIUS:IETF:Calling-Station-Id, and RADIUS: IETF:Tunnel-Client-Endpoint.  I understand not getting a MAC address in the reports on this as we are authenticating a user, not a device, but the IP address is recorded in ClearPass but does not appear to populate Insight correctly or Insight does not return the information regardless of which IP address option we choose to report on.  This appears to be a bug or serious product deficiency.   I have opened a support ticket with Aruba, wish me luck.   

Original Message:
Sent: Mar 06, 2024 04:24 PM
From: AZ245
Subject: Insight Reports to get all endpoint information exported in csv

Zak,

We are passed that point.  Already generated and surprisingly, Device Family, Device OS, and all information known to our endpoint database, insight shows as Unknown to all those fields.

that report doesnt get "Framed IP address" even though option exists in the report to pull those fields, they return as empty columns

Original Message:
Sent: Mar 06, 2024 04:08 PM
From: 802.zak
Subject: Insight Reports to get all endpoint information exported in csv

I may actually suggest, before writing a customer report, using the Standard Report Configuration dialogue.

This gives you the option to Create the "Endpoint Overview" report, and include the Raw CSV. 

Note the "include raw data in output" option

Then you can add the the appropriate attributes/columns in the next setup dialogue:

------------------------------
If my post was useful, please Accept Solution and Give Kudos.
------------------------------
Zak Chalupka
Principal Engineer - HPE Aruba
ACDX | ACMP | ACSP | ACCP
wifizak@hpe.com
------------------------------
Ideas expressed here are solely my own and not necessarily that of HPE Aruba.

Original Message:
Sent: Mar 06, 2024 04:01 PM
From: AZ245
Subject: Insight Reports to get all endpoint information exported in csv

Zak,

Thank you for your response.

Is there a template available for custom reports? What report type does it take? XML or CSV? Is there a certain format that custom report expects in order to fetch the attributes from endpoint database that we are interested in?

Thanks

Z

Original Message:
Sent: Mar 06, 2024 03:40 PM
From: 802.zak
Subject: Insight Reports to get all endpoint information exported in csv

In Device Insight, if you build a custom report, you can add additional Endpoint attributes to the Raw Data (CSV) Export. Those attributes will include Device Family/Category. 

[Include raw data in output]

Also, check your Database Retention settings in, Administration > Database Settings, to ensure Insight is storing the correct values for you report range. 

------------------------------
If my post was useful, please Accept Solution and Give Kudos.
------------------------------
Zak Chalupka
Principal Engineer - HPE Aruba
ACDX | ACMP | ACSP | ACCP
wifizak@hpe.com
------------------------------
Ideas expressed here are solely my own and not necessarily that of HPE Aruba.

Original Message:
Sent: Mar 06, 2024 01:25 PM
From: AZ245
Subject: Insight Reports to get all endpoint information exported in csv

Hello,

We only have 2 services, EAP TLS and MAC  Auth in CPPM. We are trying to create a "near-time" report from clearpass insight module to export all host information that clearpass policy manager has (IP address, Device Family, Device OS, MAC address).  

Ideally, most of the information available in "Clearpass Policy Manager > Configuration > Identity > Endpoints", would be nice if that could be reported via insight, however when I see same information in insight, most of the information is missing (e.g Device OS family:  Endpoints area show "Dell" or "Microsoft" but same thing to export in Insight we get "unknown").

Is it possible to leverage CPPM or Insight to obtain endpoint reports that has (MAC Addr, Device family, Custom roles (that we assigned), IP address) etc.? I could get "custom roles exported in "Endpoint authentication overview report"  but its missing "Device category, family etc" which is populated in "CPPM>config > identity > endpoints".

if i export that "identity>endpoint" list directly from clearpass, I get an xml file and got to use 'xml to csv' converter to get close to what I want but its not "near-time" (for example, show me all devices / endpoint info that connected in last 24 hours".

Thanks

Thanks Alan for sharing your input on this topic.

Curious, do you have 'profiling" enabled on your Service in clearpass that serves those vpn connections? 

Best of luck on that feature enhancement, that will be huge if they can fix that.

Original Message:
Sent: Mar 07, 2024 01:45 PM
From: Alan Mercer 2
Subject: Insight Reports to get all endpoint information exported in csv

Unfortunately, we are in a similar situation with RADIUS authentication of users through a VPN device.  In Policy Manager we can see the Source IP address as End-Host Identifier, RADIUS:IETF:Calling-Station-Id, and RADIUS: IETF:Tunnel-Client-Endpoint.  I understand not getting a MAC address in the reports on this as we are authenticating a user, not a device, but the IP address is recorded in ClearPass but does not appear to populate Insight correctly or Insight does not return the information regardless of which IP address option we choose to report on.  This appears to be a bug or serious product deficiency.   I have opened a support ticket with Aruba, wish me luck.   

Original Message:
Sent: Mar 06, 2024 04:24 PM
From: AZ245
Subject: Insight Reports to get all endpoint information exported in csv

Zak,

We are passed that point.  Already generated and surprisingly, Device Family, Device OS, and all information known to our endpoint database, insight shows as Unknown to all those fields.

that report doesnt get "Framed IP address" even though option exists in the report to pull those fields, they return as empty columns

Original Message:
Sent: Mar 06, 2024 04:08 PM
From: 802.zak
Subject: Insight Reports to get all endpoint information exported in csv

I may actually suggest, before writing a customer report, using the Standard Report Configuration dialogue.

This gives you the option to Create the "Endpoint Overview" report, and include the Raw CSV. 

Note the "include raw data in output" option

Then you can add the the appropriate attributes/columns in the next setup dialogue:

------------------------------
If my post was useful, please Accept Solution and Give Kudos.
------------------------------
Zak Chalupka
Principal Engineer - HPE Aruba
ACDX | ACMP | ACSP | ACCP
wifizak@hpe.com
------------------------------
Ideas expressed here are solely my own and not necessarily that of HPE Aruba.

Original Message:
Sent: Mar 06, 2024 04:01 PM
From: AZ245
Subject: Insight Reports to get all endpoint information exported in csv

Zak,

Thank you for your response.

Is there a template available for custom reports? What report type does it take? XML or CSV? Is there a certain format that custom report expects in order to fetch the attributes from endpoint database that we are interested in?

Thanks

Z

Original Message:
Sent: Mar 06, 2024 03:40 PM
From: 802.zak
Subject: Insight Reports to get all endpoint information exported in csv

In Device Insight, if you build a custom report, you can add additional Endpoint attributes to the Raw Data (CSV) Export. Those attributes will include Device Family/Category. 

[Include raw data in output]

Also, check your Database Retention settings in, Administration > Database Settings, to ensure Insight is storing the correct values for you report range. 

------------------------------
If my post was useful, please Accept Solution and Give Kudos.
------------------------------
Zak Chalupka
Principal Engineer - HPE Aruba
ACDX | ACMP | ACSP | ACCP
wifizak@hpe.com
------------------------------
Ideas expressed here are solely my own and not necessarily that of HPE Aruba.

Original Message:
Sent: Mar 06, 2024 01:25 PM
From: AZ245
Subject: Insight Reports to get all endpoint information exported in csv

Hello,

We only have 2 services, EAP TLS and MAC  Auth in CPPM. We are trying to create a "near-time" report from clearpass insight module to export all host information that clearpass policy manager has (IP address, Device Family, Device OS, MAC address).  

Ideally, most of the information available in "Clearpass Policy Manager > Configuration > Identity > Endpoints", would be nice if that could be reported via insight, however when I see same information in insight, most of the information is missing (e.g Device OS family:  Endpoints area show "Dell" or "Microsoft" but same thing to export in Insight we get "unknown").

Is it possible to leverage CPPM or Insight to obtain endpoint reports that has (MAC Addr, Device family, Custom roles (that we assigned), IP address) etc.? I could get "custom roles exported in "Endpoint authentication overview report"  but its missing "Device category, family etc" which is populated in "CPPM>config > identity > endpoints".

if i export that "identity>endpoint" list directly from clearpass, I get an xml file and got to use 'xml to csv' converter to get close to what I want but its not "near-time" (for example, show me all devices / endpoint info that connected in last 24 hours".

Thanks

Thanks Alan for sharing your input on this topic.

Curious, do you have 'profiling" enabled on your Service in clearpass that serves those vpn connections? 

Best of luck on that feature enhancement, that will be huge if they can fix that.

Original Message:
Sent: Mar 07, 2024 01:45 PM
From: Alan Mercer 2
Subject: Insight Reports to get all endpoint information exported in csv

Unfortunately, we are in a similar situation with RADIUS authentication of users through a VPN device.  In Policy Manager we can see the Source IP address as End-Host Identifier, RADIUS:IETF:Calling-Station-Id, and RADIUS: IETF:Tunnel-Client-Endpoint.  I understand not getting a MAC address in the reports on this as we are authenticating a user, not a device, but the IP address is recorded in ClearPass but does not appear to populate Insight correctly or Insight does not return the information regardless of which IP address option we choose to report on.  This appears to be a bug or serious product deficiency.   I have opened a support ticket with Aruba, wish me luck.   

Original Message:
Sent: Mar 06, 2024 04:24 PM
From: AZ245
Subject: Insight Reports to get all endpoint information exported in csv

Zak,

We are passed that point.  Already generated and surprisingly, Device Family, Device OS, and all information known to our endpoint database, insight shows as Unknown to all those fields.

that report doesnt get "Framed IP address" even though option exists in the report to pull those fields, they return as empty columns

Original Message:
Sent: Mar 06, 2024 04:08 PM
From: 802.zak
Subject: Insight Reports to get all endpoint information exported in csv

I may actually suggest, before writing a customer report, using the Standard Report Configuration dialogue.

This gives you the option to Create the "Endpoint Overview" report, and include the Raw CSV. 

Note the "include raw data in output" option

Then you can add the the appropriate attributes/columns in the next setup dialogue:

------------------------------
If my post was useful, please Accept Solution and Give Kudos.
------------------------------
Zak Chalupka
Principal Engineer - HPE Aruba
ACDX | ACMP | ACSP | ACCP
wifizak@hpe.com
------------------------------
Ideas expressed here are solely my own and not necessarily that of HPE Aruba.

Original Message:
Sent: Mar 06, 2024 04:01 PM
From: AZ245
Subject: Insight Reports to get all endpoint information exported in csv

Zak,

Thank you for your response.

Is there a template available for custom reports? What report type does it take? XML or CSV? Is there a certain format that custom report expects in order to fetch the attributes from endpoint database that we are interested in?

Thanks

Z

Original Message:
Sent: Mar 06, 2024 03:40 PM
From: 802.zak
Subject: Insight Reports to get all endpoint information exported in csv

In Device Insight, if you build a custom report, you can add additional Endpoint attributes to the Raw Data (CSV) Export. Those attributes will include Device Family/Category. 

[Include raw data in output]

Also, check your Database Retention settings in, Administration > Database Settings, to ensure Insight is storing the correct values for you report range. 

------------------------------
If my post was useful, please Accept Solution and Give Kudos.
------------------------------
Zak Chalupka
Principal Engineer - HPE Aruba
ACDX | ACMP | ACSP | ACCP
wifizak@hpe.com
------------------------------
Ideas expressed here are solely my own and not necessarily that of HPE Aruba.

Original Message:
Sent: Mar 06, 2024 01:25 PM
From: AZ245
Subject: Insight Reports to get all endpoint information exported in csv

Hello,

We only have 2 services, EAP TLS and MAC  Auth in CPPM. We are trying to create a "near-time" report from clearpass insight module to export all host information that clearpass policy manager has (IP address, Device Family, Device OS, MAC address).  

Ideally, most of the information available in "Clearpass Policy Manager > Configuration > Identity > Endpoints", would be nice if that could be reported via insight, however when I see same information in insight, most of the information is missing (e.g Device OS family:  Endpoints area show "Dell" or "Microsoft" but same thing to export in Insight we get "unknown").

Is it possible to leverage CPPM or Insight to obtain endpoint reports that has (MAC Addr, Device family, Custom roles (that we assigned), IP address) etc.? I could get "custom roles exported in "Endpoint authentication overview report"  but its missing "Device category, family etc" which is populated in "CPPM>config > identity > endpoints".

if i export that "identity>endpoint" list directly from clearpass, I get an xml file and got to use 'xml to csv' converter to get close to what I want but its not "near-time" (for example, show me all devices / endpoint info that connected in last 24 hours".

Thanks