Profiler Profiles

Synopsis

netapi ise get-profiler-profiles [OPTIONS]
netapi ise get-profiler-profile <NAME>

Description

Profiler profiles define device classification rules in ISE. These are the device types (Microsoft-Workstation, Apple-iPhone, Cisco-IP-Phone, etc.) that ISE uses to identify and categorize endpoints.

ISE includes 889+ built-in profiler profiles for common device types.

Commands

get-profiler-profiles

List all profiler profiles (device types).

# First 100 profiles (default)
netapi ise get-profiler-profiles

# All profiles (889+)
netapi ise get-profiler-profiles --all

# Search by name
netapi ise get-profiler-profiles --search Microsoft
netapi ise get-profiler-profiles --search Phone

# Combine options
netapi ise get-profiler-profiles --search Cisco --limit 20
Option Description

--all, -a

Fetch all pages (default: first page only)

--limit, -l

Limit number of results

--search, -s

Search by name (contains match)

--size

Results per page (max 100, default 100)
Sample Output
Found 889 profiler profiles
                               Profiler Profiles
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Name                             ┃ Description                              ┃
┡━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ Microsoft-Device                 │ Generic policy for all Microsoft devices │
│ Microsoft-Workstation            │ Generic policy for Microsoft workstation │
│ Apple-Device                     │ Policy for Apple-Device                  │
│ Apple-iPhone                     │ Policy for Apple-iPhone                  │
│ Cisco-IP-Phone                   │ Policy for Cisco-IP-Phone                │
└──────────────────────────────────┴──────────────────────────────────────────┘

get-profiler-profile

Get specific profiler profile by name.

netapi ise get-profiler-profile Microsoft-Workstation
netapi ise get-profiler-profile Apple-iPhone
netapi ise get-profiler-profile Cisco-IP-Phone-7841
Sample Output
╭──────────────────────────────────────────────────────────────────────────────╮
│ Microsoft-Workstation                                                        │
╰──────────────────── 41fc9620-8c00-11e6-996c-525400b48521 ────────────────────╯
  Name                    Microsoft-Workstation
  Description             Generic policy for Microsoft workstation
  ID                      41fc9620-8c00-11e6-996c-525400b48521

Logical Profiles

Logical profiles are groupings of profiler profiles used in authorization policies. For example, the IP-Phone logical profile includes Cisco-IP-Phone, Avaya-IP-Phone, Polycom-IP-Phone, etc.

API Limitation: Logical profiles cannot be listed or managed via API - only used as filters.

# Filter endpoints by logical profile membership
netapi ise get-endpoints --logical-profile IP-Phone
netapi ise get-endpoints --logical-profile Mobile-Devices

Use Cases

Find Device Profiles

#!/bin/bash
# Find all printer-related profiles
netapi ise get-profiler-profiles --search Printer --all

# Find all IP phone profiles
netapi ise get-profiler-profiles --search Phone --all | grep -i "ip-phone"

Audit Device Types

#!/bin/bash
# Export all profiler profiles for documentation
netapi ise get-profiler-profiles --all --format json > profiler-profiles.json

Related Commands