Cisco Catalyst Center Rogue Management and aWIPS Application Quick Start Guide, Release 3.1.x

PDF

View tasks and audit logs of rogue AP containment type

Updated: December 15, 2025

Want to summarize with AI?

Log in

Overview

For a rogue AP with wireless containment status as Partial, an i icon appears adjacent to Partial state under the Containment column in the Threat 360 window. Hover your cursor over the i icon to view the current wireless containment status of the Rogue SSIDs.

In case of containment failure, Catalyst Center allows you to view the tasks and audit logs of submitted requests of wired and wireless rogue AP containment.

Procedure

1.

From the main menu, choose Activities > Tasks.
2.

In the left pane, under Type, click Task to view only tasks.
3.

In the left pane, do these steps to view only wired and wireless rogue AP containment tasks:

  1. Expand Categories.

  2. Click Show all.

  3. In the Search field, enter ROGUE.

  4. Check the ROGUE check box.
4.

Click the task name to open a slide-in pane with more information, such as the rogue AP containment operation details, status, date, and time.
5.

To view the audit logs with the rogue AP containment type and corresponding device IP address information, click the menu icon and choose Activities > Audit Logs.

Note

  • For Cisco AireOS, the containment request audit logs show the CLI commands.

  • For Cisco Catalyst 9800 Series Wireless Controllers, the containment request audit logs show the NETCONF requests.

  • For Wired Rogue AP containment, the audit logs show the CLI commands executed on the switch to bring the switchport down.