Come join our live training webinar every other Wednesday at 11am PST and hear LogicMonitor experts explain best practices and answer common questions. We understand these are uncertain times, and we are here to help!
LogicMonitor’s Cisco Identity Services Engine (ISE) monitoring package uses the ISE API to monitor endpoints, users, sessions, and more. Synthetic transactions for RADIUS and TACACS protocols are also initiated for testing authentication to a RADIUS or TACACS server.
As of August 2020, LogicMonitor’s Cisco ISE package is known to be compatible with:
As Cisco releases newer versions of Cisco ISE, LogicMonitor will test and extend coverage as necessary.
Add your Cisco ISE node into monitoring. For more information on adding resources into monitoring, see Adding Devices.
LogicMonitor must provide the appropriate credentials in order to successfully access the Cisco ISE API resource’s data. These credentials must belong to a user account that has been assigned suitable permissions to access the ISE MnT API (not to be confused with the ERS API). As discussed next, these credentials will be assigned as properties within LogicMonitor.
For more information on the Cisco ISE API, see the Cisco Identity Services Engine API Reference Guide.
The following sets of custom properties must be set on the Cisco ISE node within LogicMonitor. For more information on setting properties, see Resource and Instance Properties.
From the LogicMonitor public repository, import all Cisco ISE LogicModules, which are listed in the LogicModules in Package section of this support article. If these LogicModules are already present, ensure you have the most recent versions.
Once the LogicModules are imported (assuming all previous setup requirements have been met), data collection will automatically commence.
This is usually the result of one of the following:
These protocols follow standards used by common test tools and are only expected to fail with incorrect credentials. If the credentials are correct, ensure that the LogicMonitor Collector’s attempted connections aren’t being blocked by default (for example, denied as a result of an allow list or deny list).
LogicMonitor’s package for Cisco ISE consists of the following LogicModules. For full coverage, please ensure that all of these LogicModules are imported into your LogicMonitor platform.
When setting static datapoint thresholds on the various metrics tracked by this package’s DataSources, LogicMonitor follows the technology owner’s best practice KPI recommendations. If necessary, we encourage you to adjust these predefined thresholds to meet the unique needs of your environment. For more information on tuning datapoint thresholds, see Tuning Static Thresholds for Datapoints.
In This Article