LMS 4.2.2 - Compliance Policy and PSIRT/EOX Job Report

Similar Messages

• LMS 4.2.3 baseline compliance template and standard ACL

  When using a baseline compliance template to check and deploy a standard ACL, I encountered what seems to be a bug:
  I configured a template with these commands:
  +ip access-list standard 21
  +; Hosts allowed access
  +  permit host 10.20.30.40
  +  permit host 40.30.20.10
  +  deny any log
  When I do compliance check and deployment, the last line is dropped by LMS.
  In fact, when I look into the job's "Work Order", the commands are:
  ip access-list standard 21
  ; Hosts allowed access
    permit host 10.20.30.40
    permit host 40.30.20.10
  After the job run, "show running-config" shows the access list matching the "Work Order" (without the "deny any log" command.)
  Is this a bug?

  Doesnt have any issues on my Lab 4.2.4. following is the Job Work order :
  Name:
  Archive Mgmt Job Work Order
  Summary:
  General Info
  JobId: 2704
  Owner: admin
  Description: test_acl
  Schedule Type: Immediate
  Job Type: Compliance Check
  Baseline Template Name: test_acl
  Attachment Option: Disabled
  Report Type: NAJob Policies
  ----------------------------------------------------------------------------------------------E-mail Notification: Not Applicable
  Job Based Password: DisabledDevice Details
  Device
  Commands
  Sup_2T_6500
    ip access-list standard 21
    permit host 10.20.30.40
    permit host 40.30.20.10
    deny any log
  10.104.149.180
    ip access-list standard 21
    permit host 10.20.30.40
    permit host 40.30.20.10
    deny any log
  Check your template, or export it and share, i will try it on my LMS server. also, check the same complaince job on other devices if you have such issues.
  -Thanks
  Vinod
  **Rating Encourages contributors, and its really free. **

• Upgrade from LMS 3.0.1 to LMS 3.1 or 3.2 and problem with devices update

  Hello
  How to upgrade from LMS 3.0 December 2007 update to LMS 3.1 or LMS 3.2. The problem is the large number of C2960S-24TS-L  switches that my organization has and cannot managed them..
  I tried to upgrade devices through Software Center but always Ciscoworks informs me with the following message.
  "Error while downloading package information from Cisco.com for the selected  products. See the log file for details".
  Also i can not run EOL/EOS inventory report. The message is
  " INVREP0102: Cisco.com user credentials are invalid. Enter correct credentials." I check my credentials and is right.
  The server  has access to www through proxy without any restrictions.
  In the past I've already updated devices through the software center. Also in the past i ve run EOS/EOL inventory reports.
  The LMS 3.0 December 2007 has the following products
  LMS
  3.0.1
  16 May 2008
  CiscoWorks  Common Services
  3.1.1
  02 Jul 2009, 07:44:58 EEST
  2.
  Campus  Manager
  5.0.5
  11 Oct 2009, 07:36:10 EEST
  3.
  CiscoView
  6.1.7
  02 Jul 2009, 07:45:05 EEST
  4.
  CiscoWorks  Assistant
  1.0.1
  02 Jul 2009, 07:45:05 EEST
  5.
  Device Fault  Manager
  3.0.5
  12 Jun 2010, 07:31:48 EEST
  6.
  Internetwork Performance Monitor
  4.0.1
  02 Jul 2009, 07:45:11 EEST
  7.
  Integration  Utility
  1.7.1
  02 Jul 2009, 07:45:14 EEST
  8.
  LMS Portal
  1.0.1
  02 Jul 2009, 07:45:16 EEST
  9.
  Resource  Manager Essentials
  4.1.1
  02 Jul 2009, 07:45:17 EEST
  Has anyone knows what can be the problem??.
  Thanks

  Hi,
  the problem to access cisco.com is because of a "bug". Its ID is CSCto46927.
  http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCto46927
  Symptom:
  After the 16th of June 2011 LMS will no longer  be able to download Software and Device Package updates, or PSIRT and  End of Sale/Life information from CCO
  Conditions:
  Hosted  services in Cisco.com that are being leveraged by LMS, for downloading  the latest Software and Device Package updates, as well as the PSIRT and  End of Sale/Life information are being migrated to a new framework and  the old services will be retired.
  This will affect all LMS 3.x and 4.x versions.
  Refer to https://supportforums.cisco.com/docs/DOC-16806 for more information
  Workaround:
  Users of LMS 3.2.1 , 4.0 should install the patch that can be downloaded from cisco.com
  Users of earlier version will need to upgrade to LMS 3.2 and then install the LMS 3.2 SP1 patch set before installing the patch"
  Because of that it is necessary to upgrade not only to 3.1 or 3.2, you need 3.2.1 to get the patch and then access to cisco.com again.
  The question about the better way for updating I can't answer. I did a update to 3.1 and then to 3.2. But I think you will find the requirements for the updates in the notes for them.
  But I can't find LMS 3.1 in the cisco download center. There is only 3.2 and 3.2.1 available for me.
  Sven

• Lms 4.1 prime psirt/eox no data available in the report

   Hi:
  I´m running LMS 4.1 Prime for Windows.
  I tried an immediate report with PSIRT/EOX Report option: Cisco.com
  The job succeeded, but without any data in the report
  <TABLE style="WIDTH: 100%" border=0 cellSpacing=2 cellPadding=2 align=right mcestyle="width: 100%;">
  No data available in the report. The problem could be any one of the following:
  <TD style="COLOR: #686868" bgColor=#ffffff height=24 vAlign=top align=left mcestyle="color: #686868;">1. No PSIRT data available in the LMS database for the selected device(s).
  2. PSIRT/EOX system job might not have run, or might have failed.
  3. You might have entered the wrong cisco.com credentials.
  Then I tried logging to Cisco.com (with the same user/password as configured in LMS) and download the <SPAN style="FONT-FAMILY: Times-Roman; FONT-SIZE: 10pt" mcestyle="font-family: Times-Roman; font-size: 10pt;"><SPAN style="FONT-FAMILY: Times-Roman; FONT-SIZE: 10pt" mcestyle="font-family: Times-Roman; font-size: 10pt;">PSIRT_EOX_OFFLINE.zip file.
  <SPAN style="FONT-FAMILY: Times-Roman; FONT-SIZE: 10pt" mcestyle="font-family: Times-Roman; font-size: 10pt;"><SPAN style="FONT-FAMILY: Times-Roman; FONT-SIZE: 10pt" mcestyle="font-family: Times-Roman; font-size: 10pt;">I unzipped it and put it in the folder C:/PROGRA~1/CSCOpx/files/rme/jobs/inventory/reports/EOX_PSIRT/local_xml (please read \ instead of /, because it is wrong in the LMS display).
  <SPAN style="FONT-FAMILY: Times-Roman; FONT-SIZE: 10pt" mcestyle="font-family: Times-Roman; font-size: 10pt;"><SPAN style="FONT-FAMILY: Times-Roman; FONT-SIZE: 10pt" mcestyle="font-family: Times-Roman; font-size: 10pt;">I set SIRT/EOX Report option: local
  And again, the job succeeded, but without any data in the report (same message as before)
  What do you think is happening? How could I debug the process?
  Thanks a lot
  Julio
  PD: I`m selecting old devices to be sure that they already had an EOL/EOS.

  Sorry, the copy/paste didn´t work as expected, here it is again:
  Hi:
  I´m running LMS 4.1 Prime for Windows.
  I tried an immediate report with PSIRT/EOX Report option: Cisco.com
  The job succeeded, but without any data in the report
  No data available in the report. The problem could be any one of the following:
  1. No PSIRT data available in the LMS database for the selected device(s).
  2. PSIRT/EOX system job might not have run, or might have failed.
  3. You might have entered the wrong cisco.com credentials.
  Then I tried logging to Cisco.com (with the same user/password as configured in LMS) and download the PSIRT_EOX_OFFLINE.zip file.
  I unzipped it and put it in the folder C:/PROGRA~1/CSCOpx/files/rme/jobs/inventory/reports/EOX_PSIRT/local_xml (please read \ instead of /, because it is wrong in the LMS display).
  I set SIRT/EOX Report option: local
  And again, the job succeeded, but without any data in the report (same message as before)
  What do you think is happening? How could I debug the process?
  Thanks a lot
  Julio
  PD: I`m selecting old devices to be sure that they already had an EOL/EOS.

• Exception in a compliance policy

  Hello all,
  As part of my operational compliance policy definition, I want to create a policy and deploy it to a set of servers. for ex:
  I want to create a policy for a collection of windows servers to disable SMTP service on all of them but create an exception within the policy to identify the 'SMTP server' itself so the mail server can send emails while others shouldn't (perhaps a poor
  example to explain my scenario but I hope you understood where I want to go)
  But while creating my compliance policy in sccm 2012, I did not find an option to create any kind of exception. I did some research and all I came across was firewall exceptions or something similar but even then, it was not done within the 'compliance settings'
  but rather in a GPO policy or other places.
  Any help here? thanks

  It's not "straight forward", it's by in general design of how ConfigMgr works:
  You do things that you want to deploy (applications, baselines..)
  You deploy your things to the targets (collections)
  There's always the thing you want to do and the target where you want your thing to be done.

• LMS 4.0 and EoS/EoL Hardware report not working..

  Hi guys,
  our LMS server has proxy access to the internet but running a EoS/EoL hardware report results in:-
  No data available in the report. The problem could be any one of the following:
  1. No EoS/EoL hardware data available in the LMS database for the selected device(s).
  2. PSIRT/EOX system job might not have run, or might have failed.
  3. You might have entered the wrong cisco.com credentials.
  I tried doing it manually by downloading the psirt_eox_offline.txt to the relevant directory and changing the EoS/ EoL configuration to 'local server' on our LMS server but I still get the above message.
  I know for a fact we are running devices that have recently been announced by cisco as going EoL and or EoS eg 3750 switches and 2800 series routers so I was expecting to see something in the report.
  How can I get this working successfully?
  Thanks in advance
  Trevor

  Problem is now fixed.
  I disabled 'use proxy server' and its now working.

• Compliance Policy Center - Document Deletion Policies option is not yet enabled

  Hello,
  I have configured Compliance Policy Center for my Online tenant. Created a policy and assigned it to a Site Collection.
  I am trying to view policy assigned to Site Collection from Site Settings > Document Deletion Policies (as mentioned in
  https://technet.microsoft.com/en-us/library/dn790608.aspx   ) however this setting is not yet displayed. technet article says, it takes 24 hours once you assign a policy, but its almost
  a week have been spent. Still not yet displayed.
  Kindly assist me to get it done.
  Thanks,
  Mayank Nigam

  Hi Mayank,
  As a common practice, it is recommended to dig into the ULS logs cause it will give us more details about this issue. However, as it is an online environment hosted in the cloud by Microsoft, there is
  no method to get the log files from client side.
  Since this is an issue more relate to Office 365 SharePoint Online, I suggest you open a thread in Office 365 forum, you will get more help and confirmed answers there:
  http://community.office365.com/en-us/forums/default.aspx
  Or you can contact Office 365 Support, it may involve the backend support engineer and provide more professional support on SharePoint Online issue:
  https://support.office.com/en-us/article/Contact-Office-365-for-business-support-32a17ca7-6fa0-4870-8a8d-e25ba4ccfd4b
  Thanks         
  Patrick Liang
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• In vpd_admin user I have just tried to delete the policy and it doesnt dele

  In the dtabase in vpd_admin user I have just tried to delete the policy and it doesnt delete.
  Just sits there .
  (This works on the live system, just checked.)
  non working system looks like:
  Connected to:
  Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - Production
  With the Partitioning, OLAP, Data Mining and Real Application Testing options
  SQL> begin
  dbms_rls.drop_policy( 'CF', 'CF_PARTICIPANT_MENTOR', 'CF_PM_POL' );
  exception
  when others then null;
  2 3 4 5 end;
  6
  begin
  ERROR at line 1:
  ORA-01013: user requested cancel of current operation
  I have looked in the alert_pathway.log , error.log access.log for errors and found no obvious ones.
  Not sure where to look,
  originally posted in APEX as a problem with APEX
  I found this on a 3.2 apex install on a development machine 1 have a number of workspaces.
  in one workspace in which I have been developing 3 applications and in which I have VPD enabled.
  When I click next after choosing table name in create form form table it times out.
  It does not take you to the page where you enter or confirm the page number, page name, etc.
  I have tried another workspace on the same server and it works to fcreate the form.
  On a separate machine/install the same workspace which does not work above to create form form table does work.
  The VPD setup is not identical in this workspace, but very similar.
  I surmise it is an issue with that workspace, possibly but not certainly with the new VPD , the table has these settings in vpd
  GRANT SELECT ON CF.CF_PARTICIPANT_MENTOR to vpd_admin;
  create or replace function cf_admin ( p_schema in varchar2, p_object in varchar2 )
  return varchar2
  as
  l_x number;
  begin
  SELECT count(MENTOR_ID) into l_x FROM CF.CF_MENTORS where MENTOR_ID = nvl(v('APP_USER'),USER) and ROLES = 0;
  if l_x >0 then
  return '';
  end if;
  return 'PARTICIPANT_ID =''CF''';
  end;
  DBMS_RLS.add_policy
  (object_schema => 'CF',
  object_name => 'CF_PARTICIPANT_MENTOR',
  policy_name => 'CF_PM_POL',
  function_schema => 'vpd_admin',
  policy_function => 'cf_admin',
  statement_types => 'INSERT,DELETE,SELECT,UPDATE');
  END;
  I have looked in the alert_pathway.log , error.log access.log for errors and found no obvious ones.
  Form creation works in other workspace, and in the same workspace on another instance.
  Thanks for your guidance
  Frank

  A free account is never charged, if you have any charges in your Bank account without your knowledge from Adobe, I would request you to provide the following details by private message so that I can get it investigated.
  1. Adobe ID
  2. Last four digit of credit card
  3.Credit card name (visa/mastercard/Amex)
  If after investigation we are unable to detect the charges then you need to dispute the amount with Bank as it might can be case of Fraud.
  Regards
  Rajshree

• Retention Policy and Managed folder based retention

  What is difference between "Retention Policy/ Policy Tags" and " Managed Content Settings"?
  In my setup , my managed folder folder become general folder after following steps
  1. Created Managed folder
  2. Created managed content settings for IPM.post and IPM.Appointment with retention action "Delete and Allow recovery".
  3. Created managed policy and applied to 1 mailbox, and this is working properly
  But After that,
  1. Created 3 retention tags(1 for inbox, 1 for sent, 1 personal).
  2. Created retention policy combining these 3 tags.
  3. Applied to SAME mailbox
  4. Ran 'ManagedFolderAssitant'
  **After this, Managed folder become general outlook folder.
  So, cant I have "Managed folder based retention for managed folders" and General retention for "Inbox,Sent"

  Exchange 2010 RTM introduced Retention Policies as the successor to the Message Records Management (MRM) technology introduced in Exchange 2007. MRM was the successor to Mailbox Manager Policies in Exchange 2003. Message Records Management is called MRM
  1.0 and Retention Policies is being called MRM 2.0 for short. MRM 1.0 as well as MRM 2.0 are both available in Exchange 2010. Only difference is we can manage Retention Policies from the EMC and EMS, but the Managed Folder Mailbox Policy is only Managed from
  the EMS through cmdlets in Exchange 2010 SP1.
  It completely depends on your requirements when to use MRM 1.0 and when to Use MRM 2.0.
   Certain new features are added in MRM 2.0 (Retention Policy) which allow us to manage our mailbox email items at very granular level. But if we are still happy with earlier version MRM 1.0 then we can continue using Managed folder mailbox
  Policy in Exchange 2010.
  [ Note: If we are Using the Retention Policy (MRM 2.0) then we can view the expiry of  each and every email items of the folders on which the retention Policy is tagged and this can be only view from OWA and Outlook 2010, But this feature
  is not available  for  Managed Folder Mailbox Policy (MRM 1.0) ]
  We cannot use the Base Folder only switch in MRM 2.0 because it is TAG  specific (DPT, RPT, and PPT) not Managed Folder specific.
  Managed folder Mailbox Policy is folder specific this would be the major difference.
  Refer to this link :
  Retention policies vs Managed folders

• UCSM 2.1 Local disk configuration policy and raid volumes

  Hi!
  If i use Any configuration as local disk configuration policy and do the raid settings directly to the RAID-cards, am i able to have two raid volumes on C-series under UCSM management?
  What i would like to do with C240M3 with 6 local disks: 2 disk raid1 and 4 disk raid0
  So i would use:
  "Any Configuration—For a server configuration that carries forward the local disk configuration without any changes."
  As UCS servers Raid guide indicates:
  "Maximum of One RAID Volume and One RAID Controller in Integrated Rack-Mount Servers
  A rack-mount server that has been integrated with Cisco UCS Manager can  have a maximum of one RAID volume irrespective of how many hard drives  are present on the server. "
  Is this paragraph limitation of GUI not able to set several volumes or hard fact without "Any configuration" workaround?

  I did some testing about this issue:
  Changed Local Disk Configuration to "Any Configuration"
  Two virtual disks can be created from Raid card's WebBIOS
  These disks are visible to RedHat Installation.
  UCSM shows Any configuration for the Storage Local Disk policy
  Actual Disk Configuration has faulty information - WebBios is the only place to check the RAID status?
  Next step: I'll do the same for the production

• Deduplication: how to identify which files are "in-policy" (and which are not)?

  Dear experts,
  in eventlog I find the following information for one of my deduplicated volumes:
  Volume: F: (\\?\Volume{9794e270-fb08-487e-979b-8a08fa9ca311}\)
  Error code: 0x0
  Error message:
  Savings rate: 24
  Saved space: 853327714684
  Volume used space: 2681869406208
  Volume free space: 66771247104
  Optimized file count: 1199618
  In-policy file count: 1188049
  Job processed space (bytes): 0
  Job elapsed time (seconds): 2
  Job throughput (MB/second): 0
  Some things look strange to me: 
  - The savings rate is only 24% which looks odd because I get about 40% on other file shares with similar characteristics.
  - The "Optimized file count" is higher than the "in-policy" file count.
  - The volume has about 3.5 million files but only 1.1 million files are "in-policy".
  My understanding of "in-policy" files is that all files are in-policy which are older than 3 days (if not configured different, which is not the case) and which are not contained in an excluded folder (nothing configured here) and which have no
  excluded file extension (nothing configured here apart from the default). Right?
  I'm sure that only a small fraction of the files on this volume are younger than three days, so something seems to be wrong there, but I have no idea how to find the cause of the problem.
  Is there any way to identify the files (full path) which are considered to be not "in-policy"?
  How can I find out if the optimization process really looks at all files - and doesn't skip a million?
  Thanks!
  Regards
  Christoph

  Mandy, thanks for your feedback! I've read these technet articels, but I couldn't learn something really helpfull related to my problem there. To make investigation of the problem easier I did the following:
  - created a brand new empty volume (x:) on the same server
  - enabled data deduplication on that volume with a minimal file age of 0 days
  - copied about 2GB of data from the problem-volume in 15450 files to this new volume
  - started "Start-DedupJob x: -Type Optimization -Memory 50"
  After a few seconds that job completed and I got the following result:
  Volume: X: (\\?\Volume{d1ba9ed8-28f1-44d1-9535-fe603d6a70c6}\)
  Error code: 0x0
  Error message:
  Savings rate: 0
  Saved space: 12360718
  Volume used space: 3091664896
  Volume free space: 7610097664
  Optimized file count: 153
  In-policy file count: 153
  Job processed space (bytes): 46095214
  Job elapsed time (seconds): 9
  Job throughput (MB/second): 4.88
  The question is: why are only 153 files in-policy?
  All files (of more than 15000) are of course "older than 0 days", there are no excluded folders configured, there are no excluded extensions configured, no file has one of the default excluded extensions and more than 1000 files are bigger than 100kB
  (minimal size for deduplication is 32kB). So what makes only 153 files qualify for deduplication?
  My impression is that there are further undocumented requirements which have to be met by a file to qualify for deduplication. But if there's no detailed log of an optimization run available how to find out what's going on?
  (Or is something going wrong on my server?)
  Kind Regards
  Christoph

• Group Policy and GroupWise Attachments

  My company uses the "Run only allowed Windows Applications" feature from Group Policy to lock down what can be run on our workstations. We have 2 main policies, a standard (lockdown) policy and an admin (open) policy.
  Ever since a 7.0.2 GroupWise client/server upgrade, under my lockdown policy some of my users have complained that when they click the attachment button in GroupWise it no longer goes to the location of the last attached document, instead it goes to a default location. It might be the D drive, the GroupWise directory, it changes from computer to computer. I have confirmed that this is the behavior of the lockdown policy, and when I switch to the open policy the attachment button goes to the previous attachment location as is expected.
  I've placed addrbook.exe, grpwise.exe, gwmailto.exe, gwreload.exe, gwsync.exe and notify.exe in my allowed list for executables and can't figure out what I might be missing. In the past I ahve found OCX and DLL files that have had to be specifically added to the policies as well to get certain functions to work, is it possible that this may be the case in my situation or could it be a completely different policy that I should be looking at?
  I'm getting ready to push the 8.0.2 clients to my users and this is something that I'd like to try to resolve before I do that push. Thanks!

  I just tore apart my group policy and found that using the Hide These Specific Drives and hiding the C: drive is what is causing this attachment behavior issue. Any ideas why it is causing this and any possible work arounds other than unhiding the C: drive?

• In Cisco IronPort WSA, what is the difference of an Access Policy, and an Identity?

  Hi Everyone,
  I am currently setting up a custom access for a particular subnet.
  What I did is to create a new identity for them, then allowed only specific URL categories for them. Note that the subnet is already allowed to access the internet through Global access policy.
  What will be the difference if I rather created a new Access Policy for the subnet?
  And technically, what's the difference of an Access Policy and an Identity?

  This was not my question. I asked if using the Marginal in Printing will you have a frame around the image?
  I think you're confused about which thread you are posting to.  "Wully bully" started this thread by asking about identify plates and watermarks, and I replied to Wully bully's post.
  Nevertheless, your question too about printing is best asked in the main LR forum, not here.

• LMS 4.2.4 Threshold Settings and High Severity Faults

  Hi,
  I have implement the LMS 4.2.4 few months back. I tried to setup the unreachable alert when some switch is down. I understand that the new LMS do not have the feature and it only can send out alert when reach some threshold.
  I tried to click on the Fault > Threshold Settings and getting the below error message.
  Cannot retrieve the list of groups from the grouping service.
  Please check the PTMClient.log file for more details.
  I have attached the log files. Anyone know how can I resolve it? Really completely out of idea.

  your server has CTM errors as following :
  27 May 2014|15:09:37.137|ERROR|PTMClient_Log|Thread-53|PTMOGSInteractor|getThresholdGroupFilter|.|CTMRequestProcessor::handleRequest() : java.lang.NoSuchMethodException
  27 May 2014|15:09:37.139|ERROR|PTMClient_Log|Thread-53|PtmThresholdAction|perform|.| Exception occurred while applying OGS filterCTMRequestProcessor::handleRequest() : java.lang.NoSuchMethodException
  27 May 2014|15:09:37.139|ERROR|PTMClient_Log|Thread-53|PtmThresholdAction|perform|.|java.lang.Exception: CTMRequestProcessor::handleRequest() : java.lang.NoSuchMethodException
  at com.cisco.nm.trx.ptm.ui.PTMOGSInteractor.getThresholdGroupFilter(PTMOGSInteractor.java:314)
  It may be a corrupt DFM DB which may lead you to re-initialize your DFM DB, procedure here.
  Mostly such CTM errors are sometime due to some port clash or resource crunch, try to remove/disable any unwanted third part software, specially Antivirus and Active scan for sometime and reboot your server to see it goes away. 

• Audit Policy and Event Viewer

  Hi everyone,
  I'm a junior IT auditor seeking for answers about audit policy and event viewer.
  First of all I would like to know what are the difference of log that we obtain from audit policy and event viewer?
  I would like to know that can event viewer show these logs:
  Audit account logon events
  Audit account management
  Audit directory service access
  Audit logon events
  Audit object access
  Audit policy change
  Audit privilege user
  Audit process tracking
  Audit system events
  Thanks in advanced :)

  Hi sally_scrubb,
  As you said, if you configure audit policy, it can provide broad security audit capabilities for client computers and servers. And if you configure this policy, you will find the related events in the Event Viewer.
  For your information, please refer to the following article:
  Audit Policy Settings Under Local Policies\Audit Policy
  In this article, you can find the several links which deliver more detailed information about the items which were listed in your post. From the links, you can learn how to configure the item, what you can get from the item, and the related events about
  the item.
  Hope that helps!
  Regards,
  Lany Zhang