Skip to content

pxGrid Filtering

Jump to bottom
Chethana-Chidam edited this page Jul 24, 2024 · 7 revisions

From Cisco ISE Release 3.4, pxGrid supports filtering of information based on the specific requirements of the clients. pxGrid filtering is supported for the following topics in this version:

  • TrustSec SXP
  • Session Directory - Session Topic
  • Session Directory - Group Topic

In Cisco ISE 3.3 and earlier releases, pxGrid published all the information it received from the publishers to the clients. The pxGrid filtering feature enables clients to receive only the relevant information from the publisher for each subscription. pxGrid information is filtered based on the client provided filters in the following two instances:

  • Before a bulk download

  • Before publishing the live data to the clients

Where and how to specify filters

For bulk download/download of Historical data -

The below listed bulk download REST APIs will take an optional parameter, "filter" in the request body. (Please refer the respective REST APIs for syntax for specifying filter.)

  • getSessions of Session topic
  • getUserGroups of Session Group topic
  • getBindings of TrustSec SXP topic

For live data -

The StompSubscription object that is sent as a parameter to subscribe method, will have an extra filter attribute in the sample codes, that can be set through constructor as in the sample code snippet below.

     String filter = "macAddress == '192.168.20.111'";
     // Subscribe
     StompSubscription subscription = new StompSubscription(sessionTopic, new SessionHandler(), filter);
     endpoint.subscribe(subscription);

Filter examples

pxGrid filtering feature uses JMESPath JSON query language library to filter pxGrid JSON payloads. JMESPath has different syntax for querying an array of JSON objects verses a single JSON object. pxGrid simplifies it and uses the query for single JSON object for both single and array of JSON objects payloads. Refer JMESPath for more examples and also use the console provided there to try out different filters.

String Comparison

"filter": "source == '10.66.1.12'"

Integer Comparison

"filter": "tag == `5`"

Note that the quotes used for string ('') and integer (``) are different.

Two Conditions(Integer and String) joined by AND operator(&&)

"filter": "tag == `5` && source == '10.66.1.13'"

Two Conditions(Integer and String) joined by OR operator(||)

"filter": "tag == `8` || source == '10.66.1.13'"

Filter query for nested JSON

"filter": "(groups[].name.contains(@, 'IdentityGroup:Employee')).contains(@, true)"

pxGrid extended functions

JMESPath provides many functions that can be used in query like starts_with, ends_with, contains and many more to do string comparisons. Refer JMESPath for more functions that the library provides.

pxGrid has extended JMESPath and provided 2 more functions that can be very useful to users -

  1. in_subnet

eg: "filter":"in_subnet(nasIpAddress,'10.59.64.0/24')"

  1. in_array

eg: "filter": "in_array(userName, ['user1', 'user2', 'user3'])"

Clone this wiki locally