Cisco AnyConnect Secure Mobility Client Administrator Guide, Release 3.1
Telemetry XML Reference
Downloads: This chapterpdf (PDF - 181.0KB) The complete bookPDF (PDF - 6.94MB) | Feedback

Table of Contents

Telemetry XML Reference

Telemetry XML Reference

This appendix describes the XML elements used in a Telemetry client profile. Use this appendix as a reference, if you are troubleshooting a Telemetry client profile, or you have not yet upgraded to ASDM 6.4(1) and do not have use of the AnyConnect profile editor tool.

If you have upgraded to ASDM 6.4(1), we strongly recommend that you use the AnyConnect profile editor to create and maintain AnyConnect client profiles rather than editing the profile files with a plain text or XML editor. The AnyConnect profile editor comes with its own online help.

Read Configuring AnyConnect Telemetry to the WSA for familiarity with the AnyConnect Telemetry module, client profile, and features. Table B-1 provides XML tag names, options, descriptions, and example code used to configure the AnyConnect telemetry client profile. AnyConnect uses the default value if the profile does not specify one.

The actsettings.xml file provides the default telemetry client profile settings. The parameters in the telemetry_profile.tsp file supersede those specified in the actsettings.xml file. See using the “Configuring the Telemetry Client Profile” section for more information about the telemetry_profile.tsp file.

The telemetry client profile parameters sent by the WSA in response to the service status request supersede the parameters specified in the telemetry_profile.tsp file. The telemetry module stores the WSA settings in the endpoint’s registry. The telemetry module updates the registry when it receives new settings from the WSA. This allows the telemetry module to use the same settings when no VPN session is active.


Note The parameters sent by the WSA, in response to the service status request, are configured on WSA releases 7.1 or later.



Caution Do not cut and paste the examples from this document. Doing so introduces line breaks that can break your XML. Instead, open the profile template file in a text editor such as Notepad or Wordpad.

Table B-1 Telemetry Parameters Defined in XML Configuration Files

Element name
Description
Range
Default Value
Specified by Profile Editor on ASDM
Specified by the WSA

Telemetry

Parent element for all telemetry module elements

ServiceDisable

Enables or disables telemetry service

false

true

false

Telemetry is enabled by default after editing and saving the telemetry profile.

Yes

No

MaxHistLog

Maximum size of the activity history repository

2-1000

(MB)

100

Yes

No

MaxHistDays

Maximum number of days to retain activity history.

1-1000

(days)

180

Yes

No

AvCheckInterval

Interval for checking new antivirus notification

5-300 (seconds)

60

Yes

No

PostRetries

Number of retransmitting attempts if report posting or service check fails

0-10

(times)

2

Yes

No

NewKeyInterval

Interval of changing Internal and External AES keys

(0 indicates only changing at service starting time)

0-24

(hours)

0

Yes

No

ExemptFromHooking

Contains a list of <AppName> elements that contain application filenames, or paths to application filenames, that will be exempted from telemetry reporting

None - unlimited

none

Yes

No

AppName

Contains an application filename, or a path to an application filename, that will be exempted from telemetry reporting

Child element of <ExemptFromHooking>

none-256 (Bytes)

none

No

CiscoCert

Cisco’s certificate with the public key to encrypt External AES keys

None-4

(KB)

None

No

No

CustCert

Your certificate with the public key to encrypt internal AES keys and also to encrypt external AES keys

This must be a PEM certificate type.

None-4

(KB)

None

Yes

No

MaxPayLoad

Maximum payload length of report posting request

1024 - 65535 (KB)

10240 KB

No

Yes

ServiceHost

Name of AnyConnect Secure Mobility service portal

None-1

(KB)

mus.cisco.com

No

No

ServiceProxy

Proxy server name and port for posting report with formatting of “proxy:port”

None-1

(KB)

none

No

No

OptIn

AnyConnect Secure Mobility /Telemetry feature enabled

Yes or No

No

No

Yes

ServiceName

Specifies the AnyConnect Secure Mobility service name

None-1

(KB)

TelemetryReport

No

No

RelativeURL

Relative URL of AnyConnect Secure Mobility service for report posting

None-1

(KB)

TelemetryReport

No

Yes

DetailLevel

Level of reporting URL details (Standard indicates full URL. Limited indicates store hostname and domain name of every path component.)

Standard or Limited

Limited

No

Yes

ExcludedDoamin

Contains a list of <Domain> elements that specify domain names of internal URLs

None - unlimited

none

No

Yes

Domain

Contains an internal URL that is exempt from telemetry reporting. For example: cisco.com.

Child element of <ExcludedDomain>

none-1

(KB)

none

No

Yes

DebugLevel

Log message detail levels

0 – error only

1 – warnings

2 – states

3 – information

4 – debug

5 – all

0-5

1

No

No

ACTuserDebugLevel

Debug levels for hooking DLL (actuser.dll)

0 – No Log

1 – Debug Log

0-1

0

No

no

AnyConnect Telemetry Client Profile

Refer to the following example to configure AnyConnect Telemetry:

<?xml version="1.0" encoding="UTF-8"?>
<Telemetry>
<ServiceDisable>false</ServiceDisable>
<MaxHistLog>100</MaxHistLog>
<MaxHistDays>180</MaxHistDays>
<AvCheckInterval>60</AvCheckInterval>
<PostRetries>2</PostRetries>
<ExemptFromHooking>
<AppName>C:\Program Files\Cisco\CSAgent\bin\okclient.exe</AppName>
</ExemptFromHooking>
<CustCert>
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBIQDO5BLlnIfNvuctLkunNIIlNNqB8AYW2X1CQ2UBd0IfJVjquf22
p1UoOUmPx1KqA2zWdqfUzVUqUQUCdZuVw+kWkXOMLVz7lNLpEjmU1PAOoqLeqoUe
NY3IzKInvLIzUQA6oOb8kvCPlN7n7mvjqC6wwvqjJaQCUYbL2/c/4qbIKQIDAQAB
AoIAqIQTjqc7Mlqv2222dOEpQoYtax8ywIqV/q3XQ4U2pOm7wULqLxIU+yIIj/dx
qT6ZIE80jLInUl2W7n1/7vCtylEIqzxKIwJAIOZf+q58KotInzPyIYITAAYU27Tf
qnoICOolwZYiDeXUCA7CWJXLm27oDqF5OlI+ImaUIeqyOUc8cZoUUUXtIQJBAM2J
WlDVI2mxxiIfq2ZtbUdpJzbqtwmEmPEnBEn8PqkqZndY1xdWW3JIuaIl7qQwwO2I
cDbUyM/mtVNvdMDKCjmCQQDTaJUkvB0LED51JIO3KmU8LIQq+4Mamej+qFIZVYiy
cFKfI+U0wqfIo4LILzP78OW4E2OmeaWqmza7VLC4aUUF
-----END RSA PRIVATE KEY-----
</CustCert>
</Telemetry>