Presuming its on the same segment (and youre inband) you could look at the arp table then do lookups based of the mac addresses to get the data you want...
acl
________________________________
From: Cisco Clean Access Users and Administrators on behalf of John Truelove
Sent: Wed 12/6/2006 2:30 PM
To: [log in to unmask]
Subject: Re: Gathering information from servers #2
Oops forgot to answer second part of your question.
Role, CAS, VLAN, and Operating system.
Thanks
John
>>> "Jackie Cheng (jaccheng)" <[log in to unmask]> 12/6/2006 1:16 PM >>>
Hi John,
How do you define a "active user"? And what are the information you want to see from that user?
Thanks,
--Jackie
________________________________
From: Cisco Clean Access Users and Administrators [mailto:[log in to unmask]] On Behalf Of John Truelove
Sent: Wednesday, December 06, 2006 7:31 AM
To: [log in to unmask]
Subject: Re: Gathering information from servers #2
That is what I discovered, a place for device filters active users but not others.
I did not include those numbers in the Perl scripts for Cacti because I did not want to have logged in users added together with
active users from the device filters. The apples to apples thing, not apples to oranges... :)
John
>>> Kyle Evans <[log in to unmask]> 12/6/2006 10:20 AM >>>
Yes, I just tested it, and the entry in the intern_arpq table does not timeout in any reasonable amount of time when the device becomes inactive. However, I did some testing to see how the active devices for device filters works and I found the following:
When a device has a filter and the device is inactive, entries for the mac address appear in the following two tables on the CAS:
/proc/click/mac_validation_table/table
/proc/click/mac_validation_table/up_bw_table
When the device becomes active, entries remain in those tables but also appear in these tables:
/proc/click/mac_validation_table/activetable
/proc/click/mac_validation_table/dn_bw_table
/proc/click/mac_validation_table/iptable
When the device becomes inactive again, the entries in those 3 tables disappear quickly, but not immediately.
This information is interesting but not that useful. It shows that the CAS is keeping track specifically of active devices in device filters, but not for active devices overall. The only other way I can think of is trying to create an interface in each managed subnet and using arping to check everyone in the online users list, but I'm not sure the CAS is set up to allow that.
Kyle
John Truelove wrote:
I have looked at the file before and it does not contain active users.
I think it is the logged in users, instead.
wc -l table and my number stays around 1353 which would be total logged in users for that CAS.
Thanks
John
>>> Kyle Evans <[log in to unmask]> <mailto:[log in to unmask]> 12/6/2006 8:52 AM >>>
You can look at the arp table on the CAS in /proc/click/intern_arpq/table with this command:
cat /proc/click/intern_arpq/table
Although unless I'm mistaken, this will give you all active devices for that CAS whether they are logged in or not or in device filters or not. So to get a list of users that are logged in and active, you'd have to write a script to take the list from the arp table and compare it to the list of logged in users and only print the entries that occur in both.
Now there is one caveat. I'm not sure how long an entry stays in this arp table after a device has become inactive. If the timeout is short, then this will work fairly well. If the timeout is long, then this method will not work well. However, this method is kind of complex, so it may not be worth it anyway.
Kyle
John Truelove wrote:
Prem, Nick, or others:
I have asked this in the past and still have not found a way to gather
statistics on active users.
I can get the active users for the device filters and that is it.
Is there a location on the CAM or CAS that the active MAC, IP, or user
information is stored ?
It has to be there somewhere for the session timers and heartbeat timers to function correctly ? right ?
I have been wanting that type of information since 3.4.5 and I still don't
have a way to gather active users. I know others would like to have that
information as well by scripts or SNMP.
Thanks for any help you can provide.
John
John Truelove
OIT Network Engineer - CCNP
Indiana State University
210 N 7th Street, Tirey Hall Rm 65
Terre Haute, IN 47809
812-237-4921
*******************************************************************************************************************************************************
This email, and any attachments, thereto, is intended only for use by the addressee(s) named herein and may contain privileged
and/or confidential information. If you are not the intended recipient of this email, you are hereby notified that any dissemination,
distribution or copying of this email, and any attachments thereto, is strictly prohibited.
*******************************************************************************************************************************************************
|