Table Of Contents

Telemetry XML Reference

Telemetry XML Reference

---

This appendix describes the XML elements used in a Telemetry client profile. Use this appendix as a reference, if you are troubleshooting a Telemetry client profile, or you have not yet upgraded to ASDM 6.4(1) and do not have use of the AnyConnect profile editor tool.

If you have upgraded to ASDM 6.4(1), we strongly recommend that you use the AnyConnect profile editor to create and maintain AnyConnect client profiles rather than editing the profile files with a plain text or XML editor. The AnyConnect profile editor comes with its own online help.

Read Configuring AnyConnect Telemetry to the WSA for familiarity with the AnyConnect Telemetry module, client profile, and features. Table B-1 provides XML tag names, options, descriptions, and example code used to configure the AnyConnect telemetry client profile. AnyConnect uses the default value if the profile does not specify one.

The actsettings.xml file provides the default telemetry client profile settings. The parameters in the telemetry_profile.tsp file supersede those specified in the actsettings.xml file. See using the "Configuring the Telemetry Client Profile" section for more information about the telemetry_profile.tsp file.

The telemetry client profile parameters sent by the WSA in response to the service status request supersede the parameters specified in the telemetry_profile.tsp file. The telemetry module stores the WSA settings in the endpoint's registry. The telemetry module updates the registry when it receives new settings from the WSA. This allows the telemetry module to use the same settings when no VPN session is active.

---

Note The parameters sent by the WSA, in response to the service status request, are configured on WSA releases 7.1 or later.

---

---

Caution Do not cut and paste the examples from this document. Doing so introduces line breaks that can break your XML. Instead, open the profile template file in a text editor such as Notepad or Wordpad.

---

Table B-1 Telemetry Parameters Defined in XML Configuration Files

Element name	Description	Range	Default Value	Specified by Profile Editor on ASDM	Specified by the WSA
Telemetry	Parent element for all telemetry module elements
ServiceDisable	Enables or disables telemetry service	false true	false Telemetry is enabled by default after editing and saving the telemetry profile.	Yes	No
MaxHistLog	Maximum size of the activity history repository	2-1000 (MB)	100	Yes	No
MaxHistDays	Maximum number of days to retain activity history.	1-1000 (days)	180	Yes	No
AvCheckInterval	Interval for checking new antivirus notification	5-300 (seconds)	60	Yes	No
PostRetries	Number of retransmitting attempts if report posting or service check fails	0-10 (times)	2	Yes	No
NewKeyInterval	Interval of changing Internal and External AES keys (0 indicates only changing at service starting time)	0-24 (hours)	0	Yes	No
ExemptFromHooking	Contains a list of <AppName> elements that contain application filenames, or paths to application filenames, that will be exempted from telemetry reporting	None - unlimited	none	Yes	No
AppName	Contains an application filename, or a path to an application filename, that will be exempted from telemetry reporting Child element of <ExemptFromHooking>	none-256 (Bytes)	none	No
CiscoCert	Cisco's certificate with the public key to encrypt External AES keys	None-4 (KB)	None	No	No
CustCert	Your certificate with the public key to encrypt internal AES keys and also to encrypt external AES keys This must be a PEM certificate type.	None-4 (KB)	None	Yes	No
MaxPayLoad	Maximum payload length of report posting request	1024 - 65535 (KB)	10240 KB	No	Yes
ServiceHost	Name of AnyConnect Secure Mobility service portal	None-1 (KB)	mus.cisco.com	No	No
ServiceProxy	Proxy server name and port for posting report with formatting of "proxy:port"	None-1 (KB)	none	No	No
OptIn	AnyConnect Secure Mobility /Telemetry feature enabled	Yes or No	No	No	Yes
ServiceName	Specifies the AnyConnect Secure Mobility service name	None-1 (KB)	TelemetryReport	No	No
RelativeURL	Relative URL of AnyConnect Secure Mobility service for report posting	None-1 (KB)	TelemetryReport	No	Yes
DetailLevel	Level of reporting URL details (Standard indicates full URL. Limited indicates store hostname and domain name of every path component.)	Standard or Limited	Limited	No	Yes
ExcludedDoamin	Contains a list of <Domain> elements that specify domain names of internal URLs	None - unlimited	none	No	Yes
Domain	Contains an internal URL that is exempt from telemetry reporting. For example: cisco.com. Child element of <ExcludedDomain>	none-1 (KB)	none	No	Yes
DebugLevel	Log message detail levels 0 - error only 1 - warnings 2 - states 3 - information 4 - debug 5 - all	0-5	1	No	No
ACTuserDebugLevel	Debug levels for hooking DLL (actuser.dll) 0 - No Log 1 - Debug Log	0-1	0	No	no

Example: AnyConnect Telemetry Client Profile

Refer to the following example to configure AnyConnect Telemetry:

<?xml version="1.0" encoding="UTF-8"?>

<Telemetry>

        <ServiceDisable>false</ServiceDisable>

        <MaxHistLog>100</MaxHistLog>

        <MaxHistDays>180</MaxHistDays>

        <AvCheckInterval>60</AvCheckInterval>

        <PostRetries>2</PostRetries>

        <ExemptFromHooking>

                <AppName>C:\Program Files\Cisco\CSAgent\bin\okclient.exe</AppName>

        </ExemptFromHooking>

        <CustCert>

-----BEGIN RSA PRIVATE KEY-----

MIICXQIBAAKBIQDO5BLlnIfNvuctLkunNIIlNNqB8AYW2X1CQ2UBd0IfJVjquf22

p1UoOUmPx1KqA2zWdqfUzVUqUQUCdZuVw+kWkXOMLVz7lNLpEjmU1PAOoqLeqoUe

NY3IzKInvLIzUQA6oOb8kvCPlN7n7mvjqC6wwvqjJaQCUYbL2/c/4qbIKQIDAQAB

AoIAqIQTjqc7Mlqv2222dOEpQoYtax8ywIqV/q3XQ4U2pOm7wULqLxIU+yIIj/dx

qT6ZIE80jLInUl2W7n1/7vCtylEIqzxKIwJAIOZf+q58KotInzPyIYITAAYU27Tf

qnoICOolwZYiDeXUCA7CWJXLm27oDqF5OlI+ImaUIeqyOUc8cZoUUUXtIQJBAM2J

WlDVI2mxxiIfq2ZtbUdpJzbqtwmEmPEnBEn8PqkqZndY1xdWW3JIuaIl7qQwwO2I

cDbUyM/mtVNvdMDKCjmCQQDTaJUkvB0LED51JIO3KmU8LIQq+4Mamej+qFIZVYiy

cFKfI+U0wqfIo4LILzP78OW4E2OmeaWqmza7VLC4aUUF

-----END RSA PRIVATE KEY-----

        </CustCert>

</Telemetry>