how to check list of users of particular group who are connecting Global protect.

Reply
Deepak_K
L3 Networker

how to check list of users of particular group who are connecting Global protect.

We want list of users of particular group who are connecting Global protect.

Reason behind this requirement is to get number of users from particular group who are connecting GP. So accordingly we can purchase the licence for 2FA from third party vendor.

We have added multiple groups for GP authentication , if 100 users in HOD group and from them only 50 users connecting GP.
We want list of those 50 users.

MickBall
L7 Applicator

I have not seen any direct link to display this but you could add a portal agent config for each group.  just clone the default config (if you have one ) and add each group to the config selection criteria.

 

So your portal would have an agent config named "HOD" and the user/user group under selection criteria would  also be "HOD".

you will then be able to run a custom report on GlobalProtect and use the filter builder  "Description Contains HOD"

 

Or...  If you are forwarding to syslog then you could import all group members into a file and using a "while do" loop grep the logs.

 

reaper
L7 Applicator

in the logs there's no direct correlation between the username and group membership, the group is used more like an access list to be allowed to authenticate

so if you add the HOD group to their own gateway (create a new gateway and only allow that group to use that gateway) you will be able to quickly generate a report or manually inspect the GlobalProtect logs for anyone using that gateway

Tom Piens - PANgurus.com
Like my answer? check out my book! amazon.com/dp/1789956374
Abdul-Fattah
L3 Networker

you can check the list of users who are connecting or previously were connected to GP from: Network > Globalprotect > Gateway> Remote user > previuos user, you can search for the group you want or you can export the list and do the search and processing that meet your requirements.

 

MickBall
L7 Applicator

@Abdul-Fattah 

I cannot see the group listed in previous users, what version??

I only get these columns..

 

MickBall_0-1610548816606.jpeg

 

Abdul-Fattah
L3 Networker

@MickBall 

<p>&nbsp;Primary Username field you should be able to seen the Domain and above in the search field you can enter the domain to filter only the wanted users</p>

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!