Cisco ISE
This pack includes Cortex XSIAM content.
Cisco ISE
- Details
- Content
- Dependencies
- Version History
Next-generation secure network access.
Cisco ISE
This pack includes Cortex XSIAM content.
Configuration on Server Side
Complete the following to configure basic log syslog collection:
- Go to Administration > System > Logging > Remote Logging Targets
- Click Add and then fill the required details.
- Click Save, and then verify the creation of the new target by going to the Remote Logging Targets page.
Note:
To prevent log segmentation, set the Maximum Length of the log to 8096.
More information on remote logging configuration can be found here.
Collect Events from Vendor
In order to use the collector, use the Broker VM option.
Broker VM
To create or configure the Broker VM, use the information described here.
You can configure the specific vendor and product for this instance.
- Navigate to Settings > Configuration > Data Broker > Broker VMs.
- Right-click, and select Syslog Collector > Configure.
- When configuring the Syslog Collector, set the following values:
- vendor as vendor - cisco
- product as product - ise
Integrations
| Name | Description |
|---|---|
| Cisco ISE | Next-generation secure network access. |
Integrations
| Name | Description |
|---|---|
| Cisco ISE | Next-generation secure network access. |
Modeling Rules
| Name | Description |
|---|---|
Cisco ISE Modeling Rule |
Parsing Rules
| Name | Description |
|---|---|
Cisco ISE Parsing Rule |
Required Content Packs (1)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
All level dependencies (1)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
1.0.20 - 1136970 (July 1, 2024)
- 34550
Download
Integrations
Cisco ISE
- Fixed an issue where the command returned an error where no results were found for the following commands:
- cisco-ise-get-endpoint-id
- cisco-ise-get-endpoint-details
- cisco-ise-get-blacklist-endpoints
- cisco-ise-get-endpoint-id-by-name
- Fixed an issue where the command cisco-ise-update-endpoint-group failed when mdm values are missing from the endpoint.
- Updated the Docker image to: demisto/python3:3.10.14.99865.
- 34550
Download
1.0.20 - 1136970 (July 1, 2024)
- 34550
Download
Integrations
Cisco ISE
- Fixed an issue where the command returned an error where no results were found for the following commands:
- cisco-ise-get-endpoint-id
- cisco-ise-get-endpoint-details
- cisco-ise-get-blacklist-endpoints
- cisco-ise-get-endpoint-id-by-name
- Fixed an issue where the command cisco-ise-update-endpoint-group failed when mdm values are missing from the endpoint.
- Updated the Docker image to: demisto/python3:3.10.14.99865.
- 34550
Download
PUBLISHER
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | November 9, 2020 | |
| Last Release | May 11, 2025 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
