Airheads,
i need your support!
For a show-case i need to change an Attribute for a specific device in the Endpoints Database without having the need to touch my notebook.
The show-case:
Endpoint get quarantined at threat detection based on syslogparsing of paloalto networks firewall. At the same time the endpoint receives the additional attribute Threat Status with value unresolved.
The Attributes value should remain unresolved until i trigger a change (so no timer or change based on reconnection).
I can trigger the change by sending an api request(PATCH) to http://demo-ClearPass/endpoint/mac-address/{enpoint-mac} but i would like to do it without the use of the notebook.
My idea:
Use an amazon dash button which gets authenticated by MAC-address. This authentication should enforce a Content Server Action on localhost(ClearPass) which either sets the Attribute value to resolved or deletes it by sending value "".
Unfortunatley i do not get the Context Server Action to work. I do not see any errors altough i have to admit i do not know where if there is a log for them for there execution.
Thanks in advance
Kevin