Security

Hey all,

Looking for some clarification on the new "Inventory" menu in Insight in ClearPass 6.7+.

What is required of an endpoint to be listed here? The reason I ask, we have 850,000 endpoints in the database, but only 570,000 show up in the Inventory section in Insight. If I look at the profiler we have 824,000 devices profiled, so not sure why the numbers don't exactly line up.

Thanks.

Hi Michael,

Insight inventory is not a replica of EP database. There are number of ways mac address can be added in EP database. Insight db gets updated by something called netevents.

For example, authentication requests generate netevents and by using that insight db will be updated.

So, authentication request for a particular MAC address = netevent generated for MAC = MAC added in Insight inventory.

Regards,

Pranav

Hi,

I second Pranav's comment as inventory is not a replication of endpoint/profiler tables. 

The insight >> inventory is a data combination from multiple tables within the insight database and mainly relies on the endpoints table. 

And the insight data retention has no relation with endpoint cleanups. Therefore endpoints can be purged in the Insight database, even when the same endpoints exist in the Endpoint Repository (different database - tipsdb).