- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
04-18-2018 11:18 AM
04-18-2018 12:00 PM
You can get the info from CLI, I don't think there is a built-in or custom report option that gives you that detail.
Run:
show global-protect-gateway previous-user
You'll get an output like (some details obfuscated):
Tunnel Name : GP-Gateway Domain-User Name : \gwesson Computer : Greg's Phone Client : Apple iOS 11.2.6 VPN Type : Device Level VPN Mobile ID : f106...1b63 Client OS : iOS Private IP : 172.20.30.47 Private IPv6 : :: Public IP (connected) : 192.0.2.1 Public IPv6 : :: ESP : exist SSL : none Login Time : Mar.04 14:52:44 Logout/Expiration : *Mar.04 14:53:05 Reason : client logout Domain-User Name : \gwesson Computer : Greg's Computer Client : Apple Mac OS X 10.13.3 VPN Type : Device Level VPN Mobile ID : Client OS : Mac Private IP : 172.20.30.48 Private IPv6 : :: Public IP (connected) : 192.0.2.2 Public IPv6 : :: ESP : removed SSL : exist Login Time : Apr.11 17:51:36 Logout/Expiration : *Apr.11 20:52:32 Reason : user session expired
You should be able to get the same data via XML API, or even something like an Expect script. You can also replace "previous-user" with "current-user" to see the users that have not logged out.
04-18-2018 12:00 PM
You can get the info from CLI, I don't think there is a built-in or custom report option that gives you that detail.
Run:
show global-protect-gateway previous-user
You'll get an output like (some details obfuscated):
Tunnel Name : GP-Gateway Domain-User Name : \gwesson Computer : Greg's Phone Client : Apple iOS 11.2.6 VPN Type : Device Level VPN Mobile ID : f106...1b63 Client OS : iOS Private IP : 172.20.30.47 Private IPv6 : :: Public IP (connected) : 192.0.2.1 Public IPv6 : :: ESP : exist SSL : none Login Time : Mar.04 14:52:44 Logout/Expiration : *Mar.04 14:53:05 Reason : client logout Domain-User Name : \gwesson Computer : Greg's Computer Client : Apple Mac OS X 10.13.3 VPN Type : Device Level VPN Mobile ID : Client OS : Mac Private IP : 172.20.30.48 Private IPv6 : :: Public IP (connected) : 192.0.2.2 Public IPv6 : :: ESP : removed SSL : exist Login Time : Apr.11 17:51:36 Logout/Expiration : *Apr.11 20:52:32 Reason : user session expired
You should be able to get the same data via XML API, or even something like an Expect script. You can also replace "previous-user" with "current-user" to see the users that have not logged out.
04-18-2018 01:23 PM
As @gwesson already pointed out this isn't a simple custom report that can be built directly on the firewall. You would need to utilize the XML API (or CLI) to get the information that you are looking for. This would then need to be compiled by yourself into a more 'pretty' solution if it needs to go up the chain at all.
04-18-2018 01:25 PM
It turns out these reports won't work as we had intended - the connection is not being closed when the user shuts down their computer, so the logout is inaccurate. I appreciate the assistance though.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!