View User to IP Address or User Groups Mappings
Focus
Focus

View User to IP Address or User Groups Mappings

Table of Contents

View User to IP Address or User Groups Mappings

Prisma Access Insights allows users to view user to IP address or user to groups mapping in real time for Mobile Users, Remote Networks, and Service Connections.
Prisma Access Insights lets you view the user to IP address or user to groups mapping for Mobile Users in real time. For Remote Networks and Service Connections, you can view the user to user groups mappings.
The inverted triangles on the map are color-coded to indicate Prisma Access location status:
  • Green: All instances are up.
  • Red: All instances are down.
  • Yellow: Instances are a combination of up, down, and unknown, and may require your attention.
  • Gray: All instances are unknown.
  1. From the Summary dashboard, select the Map View.
  2. Hover your mouse cursor over a location until a popup dialog appears.
  3. Select View User ID, User Groups & IP Mapping from the dialog. The UserID and User Group Distribution Check dialog opens.
  4. Select the Prisma Access Location and Node Type. The Prisma Access Location filter is not taken into consideration when the Node Type is Mobile Users (GlobalProtect).
    For Remote Networks and Service Connections, you can only see user ID to user group mappings.
    1. Select a Prisma Access Location. If the Prisma Access Location you select does not have any associated remote networks or service connections, you see a “No Data Available” message in the Remote Networks Site field or Service Connections Site field, as the case may be, and the Show User Groups and Export to CSV buttons are disabled.
    2. From Node Type, select Remote Networks or Service Connections.
    3. From the Remote Networks Site or Service Connections Site field, select the site from which you want to retrieve the data.
    4. In View, select whether you want to see which user groups a User ID belongs to (User) or which users are a part of a particular Group (Group) associated with the site.
      • If you select User, enter the user’s User ID (for example, saas\testuser3) to get the user ID to user group mapping, then select Show User Groups. A list of all the groups that the user ID belongs to is displayed under User ID-IP Mappings.
        You can search for a specific group by typing the group name or a string that is contained within the group name you want to find by entering it in the User Group text box. If you search for a group that does not exist, you see an error saying, “No data is available.” You can also sort the list of groups by toggling the arrows icon next to User Group. You can select the number of entries you want to display, as well as scroll through pages by clicking the forward and back arrows.
        If you select Groups, selecting Show User-Group Mappings displays all the groups that are available in the site under All User Groups in <selected_site>. If you select a group, all users belonging to the group are displayed in the right pane. The Export to CSV button becomes activated, and you can export all the users belonging to that group into a CSV file. The exported CSV file contains all the entries for the group, even if they are not displayed in the UI at the time of export.
        You can search for a specific group by typing the group name or a string that is contained within the group name you want to find by entering it in the User Group text box. If you search for a group that does not exist, you see an error saying, “No data is available.” You can also sort the list of groups by toggling the arrows icon next to User Group. You can select the number of entries you want to display, as well as scroll through pages by selecting the forward and back arrows.
    Node Type: Mobile Users (GlobalProtect)
    You can see user ID to IP mapping as well as the user ID to user group mapping. The Prisma Access Location filter is not taken into consideration when the selected Node Type is Mobile Users (GlobalProtect). Instead, Prisma Access Insights uses the GlobalProtect gateway IP address to look for the data.
    1. Enter a GlobalProtect IP gateway address in the Gateway text box.
    2. Select whether you want to View data for user ID to user IP mapping (Users) or user ID to user group mappings (Groups) for users who are connected to your specified GlobalProtect gateway.
      If you selected Users, select Show UserID-IP Mappings. A table of user ID to their user IP mapping is displayed along with the Timeout, which shows you for how long (in seconds) the user ID to user IP entry is valid. Selecting a particular user displays the groups that the user belongs to. Selecting a group shows every user that belongs to that group. It also enables the Export to CSV button, which allows you to export all the users in that group regardless of any filtered view displayed in the UI.
      If you selected Groups, choose Show User-Group Mappings. A list of all user groups belonging to that GlobalProtect gateway appears under User Group. Selecting a user group displays all users belonging to that group in the right pane. It also enables the Export to CSV button, which allows you to export all the users in that group regardless of any filtered view displayed in the UI.