Description

This article describes how to display the Session list for application control signature ID.

Scope

FortiGate.

Solution

The list of application control profiles is visible from the CLI.

To check the same over CLI, execute the below command:

get firewall iprope appctrl list | grep "/"
app-list=default/2000 other-action=Pass
app-list=sniffer-profile/2001 other-action=Pass
app-list=wifi-default/2002 other-action=Pass
app-list=block-high-risk/2003 other-action=Pass
app-list=WSR-Staff/2004 other-action=Pass
app-list=Youtube access/2005 other-action=Pass

In the above output, there are a total of six application control signature profiles configured.

To view the Session list for Application Control Signature ID, it is necessary to follow the below syntax:

diagnose sys session list | grep -f app= <application id>

For example, 31077 is the application ID for YouTube access.

To check the same over CLI, execute the below command: 

diagnose sys session list | grep -f app=31077
serial=00628126 tos=ff/ff app_list=2005 app=31077 url_cat=0 <-----
serial=00627e51 tos=ff/ff app_list=2005 app=31077 url_cat=0 <-----
serial=00627e59 tos=ff/ff app_list=2005 app=31077 url_cat=0 <-----

It is also possible to view sessions on the GUI under Dashboard -> FortiView Sessions. Application can be filtered by name as shown below.