dc session

Synopsis

netapi ise dc session <MAC> [OPTIONS]

Description

The crown jewel of DataConnect commands. Combines endpoint identity, profiler data, active session status, and authentication history into a single comprehensive view. This is your one-stop command for understanding everything about a device.

Arguments

Argument Description

Argument	Description
`MAC`	MAC address of the endpoint (required)

MAC

MAC address of the endpoint (required)

Options

Option Default Description

Option	Default	Description
`--hours`, `-h`	`24`	Hours of auth history to include

--hours, -h

24

Hours of auth history to include

Use the global --format flag at the dc level:

netapi ise dc --format json session 3C:EC:EF:43:50:42

Usage

# Full session view
netapi ise dc session 3C:EC:EF:43:50:42

# Extended auth history (48 hours)
netapi ise dc session 3C:EC:EF:43:50:42 --hours 48

# JSON for automation
netapi ise dc --format json session 3C:EC:EF:43:50:42

Sample Output

iPSK Wireless Device (Samsung on DOMUS_IoT)

╭────────────────────────────── Session Overview ──────────────────────────────╮
│ 9C:83:06:CE:89:46 ACTIVE                                                     │
╰──────────────────────────────────────────────────────────────────────────────╯
╭────────────────────────────────── Identity ──────────────────────────────────╮
│   MAC Address             9C:83:06:CE:89:46                                  │
╰──────────────────────────────────────────────────────────────────────────────╯
╭────────────────────────────────── Profiler ──────────────────────────────────╮
│   Profiler Policy         Samsung-Device                                     │
╰──────────────────────────────────────────────────────────────────────────────╯
╭─────────────────────────────── Active Session ───────────────────────────────╮
│   Policy Set              IoT WIFI iPSK                                      │
│   AuthZ Profile           iPSK-Auth                                          │
│   Auth Method             mab                                                │
│   NAD IP                  10.50.1.40                                         │
│   NAD Port                capwap_90000002                                    │
│   Auth Time               2026-01-26 17:38:26                                │
│   Session ID              2801320A000016E1FD18076C                           │
╰──────────────────────────────────────────────────────────────────────────────╯
╭────────────────────────────────── Activity ──────────────────────────────────╮
│   First Seen              2026-01-26 17:38:26                                │
│   Static Assignment       false                                              │
╰──────────────────────────────────────────────────────────────────────────────╯

                       Authentication History (last 24h)
┏━━━━━━━━━━━━━━━┳━━━━━━━━┳━━━━━━━━┳━━━━━━━━━━━━━━━┳━━━━━━━━━━━━┳━━━━━━━━━━━━━━━┓
┃ Time          ┃ Status ┃ Method ┃ Policy        ┃ NAD        ┃ Reason        ┃
┡━━━━━━━━━━━━━━━╇━━━━━━━━╇━━━━━━━━╇━━━━━━━━━━━━━━━╇━━━━━━━━━━━━╇━━━━━━━━━━━━━━━┩
│ 2026-01-26    │ PASSED │ mab    │ IoT WIFI iPSK │ 10.50.1.40 │ -             │
│ 17:38:26      │        │        │               │            │               │
│ 2026-01-26    │ FAILED │ mab    │ HomeRF        │ 10.50.1.40 │ 15039         │
│ 17:32:07      │        │        │ WPA2PSK       │            │ Rejected...   │
└───────────────┴────────┴────────┴───────────────┴────────────┴───────────────┘

Stats: 2 passed | 4 failed | 6 total

Wired 802.1X Workstation

╭────────────────────────────── Session Overview ──────────────────────────────╮
│ 3C:EC:EF:43:50:42 ACTIVE                                                     │
╰──────────────────────────────────────────────────────────────────────────────╯
╭────────────────────────────────── Identity ──────────────────────────────────╮
│   MAC Address             3C:EC:EF:43:50:42                                  │
│   Username                drshahab@corp.local                                │
╰──────────────────────────────────────────────────────────────────────────────╯
╭────────────────────────────────── Profiler ──────────────────────────────────╮
│   Profiler Policy         Linux-Workstation                                  │
╰──────────────────────────────────────────────────────────────────────────────╯
╭─────────────────────────────── Active Session ───────────────────────────────╮
│   Policy Set              Wired Dot1X Closed                                 │
│   AuthZ Profile           Domus_Secure_Profile                               │
│   Auth Method             dot1x                                              │
│   NAD IP                  10.50.1.10                                         │
│   NAD Port                GigabitEthernet1/0/12                              │
│   Auth Time               2026-01-23 08:15:00                                │
│   Session ID              0a3210280001234556789abc                           │
╰──────────────────────────────────────────────────────────────────────────────╯

Data Sources Combined

This command queries multiple ISE DataConnect views and combines them:

Section Source View

Section	Source View
Endpoint Identity	`ENDPOINTS`
Profiler Data	`PROFILER_ENDPOINT_CURRENT`
Active Session	`RADIUS_ACCOUNTING`
Auth History	`RADIUS_AUTHENTICATION`

Endpoint Identity

ENDPOINTS

Profiler Data

PROFILER_ENDPOINT_CURRENT

Active Session

RADIUS_ACCOUNTING

Auth History

RADIUS_AUTHENTICATION

Use Cases

User Reports "Can’t Connect"

# Get the full picture instantly
netapi ise dc session 3C:EC:EF:43:50:42

This tells you:

Is the device known to ISE?
What profile is it getting?
Is there an active session?
Any recent auth failures?

Verify New Endpoint Onboarding

# After onboarding, verify everything is correct
netapi ise dc session $NEW_MAC --hours 1

Verify iPSK Device Connection

After adding a device to iPSK Manager and connecting to the WLAN:

# Check the device got the right policy set and profile
netapi ise dc session 9C:83:06:CE:89:46

# Expected output shows:
#   Policy Set: IoT WIFI iPSK (not HomeRF or other)
#   AuthZ Profile: iPSK-Auth (with dynamic PSK/VLAN)
#   Auth Method: mab (MAC Authentication Bypass)
#   Profiler Policy: Samsung-Device (or similar)

Key things to verify:

Policy Set = IoT WIFI iPSK (correct SSID matched)
AuthZ Profile = iPSK-Auth (ODBC returned dynamic attributes)
Auth Method = mab (MAC-based, not dot1x)
Auth History shows PASSED with no recent failures

Export for Ticket Documentation

# Save session info for ticket/documentation
netapi ise dc session 3C:EC:EF:43:50:42 > /tmp/ticket-12345-session.txt

Automation/Scripting

# JSON for scripts
netapi ise dc --format json session 3C:EC:EF:43:50:42 | jq '{
  mac: .endpoint.mac,
  profile: .profiler.policy,
  active: (.session != null),
  last_auth: .auth_history[0].timestamp
}'