: View User to IP Address or User Groups Mappings
Focus
Focus

View User to IP Address or User Groups Mappings

Table of Contents

View User to IP Address or User Groups Mappings

Prisma Access Insights
allows users to view user to IP address or user to groups mapping in real time for Mobile Users, Remote Networks, and Service Connections.
Prisma Access Insights
lets you view the user to IP address or user to groups mapping for Mobile Users in real time. For Remote Networks and Service Connections, you can view the user to user groups mappings.
The inverted triangles on the map are color-coded to indicate
Prisma Access
location status:
  • Green: All instances are up.
  • Red: All instances are down.
  • Yellow: Instances are a combination of up, down, and unknown, and may require your attention.
  • Gray: All instances are unknown.
  1. From the
    Summary
    dashboard, select the
    Map View
    .
  2. Hover your mouse cursor over a location until a popup dialog appears.
  3. Select
    View User ID, User Groups & IP Mapping
    from the dialog. The
    UserID and User Group Distribution Check
    dialog opens.
  4. Select the
    Prisma Access
    Location
    and
    Node Type
    . The
    Prisma Access
    Location filter
    is not taken into consideration when the
    Node Type
    is
    Mobile Users (GlobalProtect)
    .
    For Remote Networks and Service Connections, you can only see user ID to user group mappings.
    1. Select a
      Prisma Access
      Location
      . If the
      Prisma Access
      Location you select does not have any associated remote networks or service connections, you see a “No Data Available” message in the
      Remote Networks Site
      field or
      Service Connections Site
      field, as the case may be, and the
      Show User Groups
      and
      Export to CSV
      buttons are disabled.
    2. From
      Node Type
      , select Remote Networks or Service Connections.
    3. From the
      Remote Networks Site
      or
      Service Connections Site
      field, select the site from which you want to retrieve the data.
    4. In View, select whether you want to see which user groups a User ID belongs to (User) or which users are a part of a particular Group (Group) associated with the site.
      • If you select
        User
        , enter the user’s
        User ID
        (for example, saas\testuser3) to get the user ID to user group mapping, then select
        Show User Groups
        . A list of all the groups that the user ID belongs to is displayed under
        User ID-IP Mappings
        .
        You can search for a specific group by typing the group name or a string that is contained within the group name you want to find by entering it in the
        User Group
        text box. If you search for a group that does not exist, you see an error saying, “No data is available.” You can also sort the list of groups by toggling the arrows icon next to
        User Group
        . You can select the number of entries you want to display, as well as scroll through pages by clicking the forward and back arrows.
        If you select
        Groups
        , selecting
        Show User-Group Mappings
        displays all the groups that are available in the site under
        All User Groups in
        <selected_site>
        . If you select a group, all users belonging to the group are displayed in the right pane. The
        Export to CSV
        button becomes activated, and you can export all the users belonging to that group into a CSV file. The exported CSV file contains all the entries for the group, even if they are not displayed in the UI at the time of export.
        You can search for a specific group by typing the group name or a string that is contained within the group name you want to find by entering it in the
        User Group
        text box. If you search for a group that does not exist, you see an error saying, “No data is available.” You can also sort the list of groups by toggling the arrows icon next to
        User Group
        . You can select the number of entries you want to display, as well as scroll through pages by selecting the forward and back arrows.
    Node Type
    :
    Mobile Users (GlobalProtect)
    You can see user ID to IP mapping as well as the user ID to user group mapping. The
    Prisma Access
    Location
    filter is not taken into consideration when the selected
    Node Type
    is
    Mobile Users (GlobalProtect)
    . Instead,
    Prisma Access Insights
    uses the GlobalProtect gateway IP address to look for the data.
    1. Enter a GlobalProtect IP gateway address in the
      Gateway
      text box.
    2. Select whether you want to
      View
      data for user ID to user IP mapping (
      Users
      ) or user ID to user group mappings (
      Groups
      ) for users who are connected to your specified GlobalProtect gateway.
      If you selected
      Users
      , select
      Show UserID-IP Mappings
      . A table of user ID to their user IP mapping is displayed along with the
      Timeout
      , which shows you for how long (in seconds) the user ID to user IP entry is valid. Selecting a particular user displays the groups that the user belongs to. Selecting a group shows every user that belongs to that group. It also enables the
      Export to CSV
      button, which allows you to export all the users in that group regardless of any filtered view displayed in the UI.
      If you selected
      Groups
      , choose
      Show User-Group Mappings
      . A list of all user groups belonging to that GlobalProtect gateway appears under
      User Group
      . Selecting a user group displays all users belonging to that group in the right pane. It also enables the
      Export to CSV
      button, which allows you to export all the users in that group regardless of any filtered view displayed in the UI.

Recommended For You