We want list of users of particular group who are connecting Global protect.
Reason behind this requirement is to get number of users from particular group who are connecting GP. So accordingly we can purchase the licence for 2FA from third party vendor.
We have added multiple groups for GP authentication , if 100 users in HOD group and from them only 50 users connecting GP.
We want list of those 50 users.
I have not seen any direct link to display this but you could add a portal agent config for each group. just clone the default config (if you have one ) and add each group to the config selection criteria.
So your portal would have an agent config named "HOD" and the user/user group under selection criteria would also be "HOD".
you will then be able to run a custom report on GlobalProtect and use the filter builder "Description Contains HOD"
Or... If you are forwarding to syslog then you could import all group members into a file and using a "while do" loop grep the logs.
in the logs there's no direct correlation between the username and group membership, the group is used more like an access list to be allowed to authenticate
so if you add the HOD group to their own gateway (create a new gateway and only allow that group to use that gateway) you will be able to quickly generate a report or manually inspect the GlobalProtect logs for anyone using that gateway
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!