Device Events
Note: Only users with an Administrator role can view Device Events.
Device Events provides a record of devices leveraging Secure Client Cloud Management in Cisco XDR and deployment activity for those devices.
Choose Client Management > Device Events in the navigation menu to open the Device Events page.
The device inventory includes Host Name, Last updated, OS Type, OS Version, and UID.
The deployment activity includes Event Time, Event Type, Timestamp, and IP Address when you expand the event details.
Device Events allows you to view Cloud Management enabled devices collectively in one place. To find events, first select a specific device: enter a Host Name or UCID in the search box and click Select Device to see the related events.
Once a device is selected, a record of the Cloud Management Deployment activity is displayed. Expanding the row for a specific event displays the event details.
Event Type
- int-new-instance-key - A new instance key was generated for the "Previous deployment ID computer" (every computer is identified with a unique device instance key).
- no-wmi - No WMI services are available to perform data collection.
- pass-pkg-install - A Packaging and Signing Service bootstrap binary attempted to install a package.
- pkg-install - The agent attempted to install a package.
- pkg-reconfig - An existing package was reconfigured; configuration files have been added, removed, or replaced.
- pkg-uninstall - A package has been uninstalled.
Event Details
- bid - The business identifier of the client that experienced or recorded the event.
- did - Current deployment ID.
- odid - Previous deployment ID.
- pip - The remote endpoint public IP (<IP>[:<PORT>]) that submitted the event; should be added by the server.
- tse - TimeStamp Event; what time the event occurred.
- tssrv - TimeStamp on backend server.
- tstx - TimeStamp Transmission; what time the client sent the event to the server.
- ucid - The UCID of the client that experienced or recorded the event.
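
A triage pass over these fields, as an added example (not Cisco code). It assumes the event details have been copied into Python dictionaries keyed by the field names above, with a hypothetical `type` key holding the Event Type and timestamps as epoch seconds, neither of which this page specifies; `REVIEW_TYPES`, `MAX_DELAY`, `INTERNAL` and the sample events are constructed for illustration.

```python
import ipaddress

# Event types from the list above worth a manual look (assumed selection).
REVIEW_TYPES = {"pkg-uninstall", "no-wmi", "int-new-instance-key"}
MAX_DELAY = 3600  # assumed threshold in seconds between tse and tssrv
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed sample events; "type" is a hypothetical key name.
SAMPLE_EVENTS = [
    {"ucid": "a1", "type": "pkg-install", "tse": 1700000000,
     "tstx": 1700000005, "tssrv": 1700000006, "pip": "203.0.113.10:443"},
    {"ucid": "a1", "type": "pkg-uninstall", "tse": 1700000100,
     "tstx": 1700000101, "tssrv": 1700000102, "pip": "203.0.113.10"},
    {"ucid": "b2", "type": "pkg-reconfig", "tse": 1700000000,
     "tstx": 1700009000, "tssrv": 1700009001, "pip": "10.1.2.3:50000"},
    {"ucid": "c3", "type": "pkg-install", "tse": 1700000500,
     "tstx": 1700000400, "tssrv": 1700000401, "pip": "198.51.100.7:8443"},
]

def split_pip(pip):
    """Parse '<IP>[:<PORT>]' into (ip_address, port or None)."""
    try:
        return ipaddress.ip_address(pip), None  # bare IPv4 or IPv6, no port
    except ValueError:
        host, _, port = pip.rpartition(":")
        # Raises ValueError if the value is not an address at all.
        return ipaddress.ip_address(host.strip("[]")), int(port)

def review(events):
    """Return sorted (ucid, event type, reason) findings."""
    findings = set()
    for ev in events:
        key = (ev["ucid"], ev["type"])
        if ev["type"] in REVIEW_TYPES:
            findings.add(key + ("event type needs review",))
        # Expected order: event occurs (tse), client sends (tstx),
        # backend records (tssrv). A violation suggests client clock skew.
        if not ev["tse"] <= ev["tstx"] <= ev["tssrv"]:
            findings.add(key + ("timestamps out of order",))
        elif ev["tssrv"] - ev["tse"] > MAX_DELAY:
            findings.add(key + ("reported late",))
        ip, _ = split_pip(ev["pip"])
        if any(ip in net for net in INTERNAL):
            findings.add(key + ("pip is not a public address",))
    return sorted(findings)
```

Calling `review(SAMPLE_EVENTS)` flags the uninstall on `a1`, the late report from an internal address on `b2`, and the out-of-order timestamps on `c3`.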