DataConnect

Overview

DataConnect provides direct SQL access to ISE’s Oracle database. Query authentication logs, accounting records, endpoint data, and audit trails.

Port

2484 (TCPS)

Protocol

Oracle JDBC (TLS)

Auth

Database credentials (not ERS)

Views

376+ read-only views

Capabilities

Category Use Cases

RADIUS Authentication

Auth success/failure trends, EAP method adoption

RADIUS Accounting

Session duration, bandwidth usage, top talkers

Endpoints

Profiling data, identity group membership

TACACS

Device admin authentication logs

Audit

Configuration change tracking

Subpages

Connection Setup

Prerequisites

  1. DataConnect enabled on ISE MnT node

  2. Database user created for DataConnect

  3. Client certificate for JDBC TLS

netapi Configuration

# Configure DataConnect credentials
netapi ise dc configure

# Test connection
netapi ise dc query "SELECT 1 FROM DUAL"

JDBC Connection

# Connection string format
jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCPS)(HOST=ise-mnt)(PORT=2484))(CONNECT_DATA=(SID=cpm)))

# With Oracle SQLcl
sql dataconnect/password@//ise-mnt:2484/cpm

Quick Queries

Authentication Stats

netapi ise dc query "
  SELECT
    COUNT(*) as total,
    SUM(CASE WHEN PASSED = 1 THEN 1 ELSE 0 END) as passed,
    SUM(CASE WHEN PASSED = 0 THEN 1 ELSE 0 END) as failed
  FROM RADIUS_AUTHENTICATIONS
  WHERE TIMESTAMP_TIMEZONE > TRUNC(SYSDATE)
"

Top Failure Reasons

netapi ise dc query "
  SELECT FAILURE_REASON, COUNT(*) as count
  FROM RADIUS_AUTHENTICATIONS
  WHERE PASSED = 0
  AND TIMESTAMP_TIMEZONE > SYSDATE - 1
  GROUP BY FAILURE_REASON
  ORDER BY count DESC
  FETCH FIRST 10 ROWS ONLY
"

EAP-TLS Adoption

netapi ise dc query "
  SELECT
    AUTHENTICATION_METHOD,
    COUNT(*) as count,
    ROUND(COUNT(*) * 100.0 / SUM(COUNT(*)) OVER(), 1) as pct
  FROM RADIUS_AUTHENTICATIONS
  WHERE TIMESTAMP_TIMEZONE > SYSDATE - 7
  GROUP BY AUTHENTICATION_METHOD
  ORDER BY count DESC
"

Active Sessions Duration

netapi ise dc query "
  SELECT
    CALLING_STATION_ID as mac,
    ROUND(MAX(ACCT_SESSION_TIME)/3600, 2) as hours
  FROM RADIUS_ACCOUNTING
  WHERE TIMESTAMP_TIMEZONE > SYSDATE - 1
  GROUP BY CALLING_STATION_ID
  ORDER BY hours DESC
  FETCH FIRST 10 ROWS ONLY
"

Key Views

View Description

RADIUS_AUTHENTICATIONS

All RADIUS auth attempts (pass/fail)

RADIUS_ACCOUNTING

Session start/stop/interim records

ENDPOINTS

Endpoint database (MAC, profile, group)

TACACS_AUTHENTICATIONS

TACACS+ admin authentication

ADMIN_USERS_AUDIT

ISE configuration changes

DataConnect vs MnT API

Feature DataConnect MnT API

Data

Historical (all time)

Active sessions only

Query

SQL (full flexibility)

Fixed endpoints

Performance

Optimized for analytics

Real-time lookup

Use Case

Reporting, trends

Operational actions

Security Notes

  • DataConnect is read-only - no INSERT/UPDATE/DELETE

  • Credentials are separate from ERS API

  • Enable only on MnT node, not PAN/PSN

  • Use TLS (port 2484) always

See Also