dc config-changes

Synopsis

netapi ise dc config-changes [OPTIONS]

Description

Get ISE configuration change events. Critical for audit - who changed what and when.

Options

Option Default Description

Option	Default	Description
`--hours`, `-h`	`24`	Hours to look back
`--limit`, `-l`	`50`	Maximum records to return
`--admin`, `-a`	(none)	Filter by admin username
`--type`, `-t`	(none)	Filter by object type (e.g., "Policy", "Endpoint")

--hours, -h

24

Hours to look back

--limit, -l

50

Maximum records to return

--admin, -a

(none)

Filter by admin username

--type, -t

(none)

Filter by object type (e.g., "Policy", "Endpoint")

Usage

# Last 24 hours (default)
netapi ise dc config-changes

# Filter by admin
netapi ise dc config-changes --admin superadmin

# Policy changes only
netapi ise dc config-changes --type "Policy"

# Last week
netapi ise dc config-changes --hours 168

# Combine filters
netapi ise dc config-changes --admin netadmin --type "Endpoint" --hours 48

Sample Output

Config Changes (last 24h)
──────────────────────────────────────────────────────────────────────────────
Time                 Admin         Operation  Type         Object            Status
──────────────────────────────────────────────────────────────────────────────
2026-01-23 10:43:21  superadmin    UPDATE     Endpoint     3C:EC:EF:43:50:42 OK
2026-01-23 10:41:08  superadmin    CREATE     AuthzProfile NewProfile        OK
2026-01-23 10:38:55  ersadmin      DELETE     Endpoint     AA:BB:CC:DD:EE:FF OK

Use Cases

Compliance Audit

# All changes this week
netapi ise dc config-changes --hours 168 --limit 500

Track Endpoint Changes

# Who moved endpoints between groups?
netapi ise dc config-changes --type "Endpoint" --hours 168

Policy Change Audit

# Authorization policy changes
netapi ise dc config-changes --type "Policy" --hours 168