1. Home
    2. Prisma
    3. Prisma Access
    4. Prisma Access Insights
    5. Insights in Prisma Access
    6. Monitor Your Prisma Access Environment
    7. View User to IP Address or User Groups Mappings

    View User to IP Address or User Groups Mappings

    Prisma Access Insights lets you view the user to IP address or user to groups mapping for Mobile Users in real time. For Remote Networks and Service Connections, you can view the user to user groups mappings.
    The inverted triangles on the map are color-coded to indicate Prisma Access location status:
    • Green: All instances are up.
    • Red: All instances are down.
    • Yellow: Instances are a combination of up, down, and unknown, and may require your attention.
    • Gray: All instances are unknown.
    1. From the
      Summary
       dashboard, select the
      Map View
      .
    2. Hover your mouse cursor over a location until a popup dialog appears.
    3. Select
      View User ID, User Groups & IP Mapping
       from the dialog. The
      UserID and User Group Distribution Check
       dialog opens.
    4. Select the
      Prisma Access Location
       and
      Node Type
      . The
      Prisma Access Location filter
       is not taken into consideration when the
      Node Type
       is
      Mobile Users (GlobalProtect)
      .
      For Remote Networks and Service Connections, you can only see user ID to user group mappings.
      1. Select a
        Prisma Access Location
        . If the Prisma Access Location you select does not have any associated remote networks or service connections, you see a “No Data Available” message in the
        Remote Networks Site
         field or
        Service Connections Site
         field, as the case may be, and the
        Show User Groups
         and
        Export to CSV
         buttons are disabled.
      2. From
        Node Type
        , select Remote Networks or Service Connections.
      3. From the
        Remote Networks Site
         or
        Service Connections Site
         field, select the site from which you want to retrieve the data.
      4. In View, select whether you want to see which user groups a User ID belongs to (User) or which users are a part of a particular Group (Group) associated with the site.
        • If you select
          User
          , enter the user’s
          User ID
           (for example, saas\testuser3) to get the user ID to user group mapping, then select
          Show User Groups
          . A list of all the groups that the user ID belongs to is displayed under
          User ID-IP Mappings
          .
          You can search for a specific group by typing the group name or a string that is contained within the group name you want to find by entering it in the
          User Group
           text box. If you search for a group that does not exist, you see an error saying, “No data is available.” You can also sort the list of groups by toggling the arrows icon next to
          User Group
          . You can select the number of entries you want to display, as well as scroll through pages by clicking the forward and back arrows.
          If you select
          Groups
          , selecting
          Show User-Group Mappings
           displays all the groups that are available in the site under
          All User Groups in
          <selected_site>
          . If you select a group, all users belonging to the group are displayed in the right pane. The
          Export to CSV
           button becomes activated, and you can export all the users belonging to that group into a CSV file. The exported CSV file contains all the entries for the group, even if they are not displayed in the UI at the time of export.
          You can search for a specific group by typing the group name or a string that is contained within the group name you want to find by entering it in the
          User Group
           text box. If you search for a group that does not exist, you see an error saying, “No data is available.” You can also sort the list of groups by toggling the arrows icon next to
          User Group
          . You can select the number of entries you want to display, as well as scroll through pages by selecting the forward and back arrows.
      Node Type
      :
      Mobile Users (GlobalProtect)
      You can see user ID to IP mapping as well as the user ID to user group mapping. The
      Prisma Access Location
       filter is not taken into consideration when the selected
      Node Type
       is
      Mobile Users (GlobalProtect)
      . Instead, Prisma Access Insights uses the GlobalProtect gateway IP address to look for the data.
      1. Enter a GlobalProtect IP gateway address in the
        Gateway
         text box.
      2. Select whether you want to
        View
         data for user ID to user IP mapping (
        Users
        ) or user ID to user group mappings (
        Groups
        ) for users who are connected to your specified GlobalProtect gateway.
        If you selected
        Users
        , select
        Show UserID-IP Mappings
        . A table of user ID to their user IP mapping is displayed along with the
        Timeout
        , which shows you for how long (in seconds) the user ID to user IP entry is valid. Selecting a particular user displays the groups that the user belongs to. Selecting a group shows every user that belongs to that group. It also enables the
        Export to CSV
         button, which allows you to export all the users in that group regardless of any filtered view displayed in the UI.
        If you selected
        Groups
        , choose
        Show User-Group Mappings
        . A list of all user groups belonging to that GlobalProtect gateway appears under
        User Group
        . Selecting a user group displays all users belonging to that group in the right pane. It also enables the
        Export to CSV
         button, which allows you to export all the users in that group regardless of any filtered view displayed in the UI.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo