UserID information

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

UserID information

L4 Transporter

Is there a way to pull the UserID information from the Palo alto logs concerning VPN users?

8 REPLIES 8

L7 Applicator

User ID is out there

running freely across the wind

turning,churning,yearning,learning..

 

sorry wrong post... ha ha..

 

Hi @jdprovine

 

have you enabled "User Identification" on the VPN zone or have i missed your point...

@Mick_Ball

Yes userid is enabled on the VPN but some one else needs the information for another program that manages accounts

do they need traffic logs or connection logs...

 

if you filter traffic logs "from zone" = (your vpn zone) do you see the source users...

@jdprovine,

The command 'show user user-ids all' will display the active user-id mappings for the firewall, however will not be limited specifically to your VPN users. The command 'show global-protect-gateway current-user' and 'show global-protect-gateway previous-user' will display any users who reciently connected. All of these can be grabbed from the API. 

 

Hopfully that includes the information that they are looking for. 

@BPry

So that would allow the user administrator to pull the VPN userid information from the PA into another program he has

@jdprovine,

If you generated the API call and captured the results it really depends on the program that he's using if it will accept the firewalls output. My guess would be that it would be capable of doing so, but can't be sure. 

@BPry

I think it may be a home grown program unfortunately I don't know I will see if I can find out

@jdprovine,

That would actually be better; if it's something home grown they should be able to build a way to accept the XML output from the firewall easily enough. 

  • 3012 Views
  • 8 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!