Occasional Contributor I

Help with postgres query on Last Check In

We enabled airwatch to dump data to our clearpass server but wanted to block access to devices that haven't checked in to the airwatch server within 5 days.   We are using the Endpoint:Last Check In variable



We have the timesource setup as:


SELECT (EXTRACT (EPOCH FROM NOW() - interval '5 days'))::int AS Minus5Days;


and the service set to:


(Endpoint:Last Check In  GREATER_THAN  %{Authorization:[Time Source]:Minus5Days}) with a role that sets it to fail 


I think we might have messed up the extract command but we can't figure it out.


anyone have any ideas?




Re: Help with postgres query on Last Check In

I'm trying to test this too, for example reject dot1x Access to devices/endpoints that have not checking in the past 3 months, 


I added a filter in Authentication Sources - [Time Source] and tried to add a role mapping rule base on the filter on the Endpoint last checking. 


Any comments how to achive this ? 

“All opinions written here are my own and do not necessarily reflect the views and opinions of Aruba.”
“If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos"

Search Airheads
Showing results for 
Search instead for 
Did you mean: