Description |
This article describes that user group name info in the logs page are showing N/A. |
Scope | FortiGate logs. |
Solution |
This is an expected behavior and not an issue when users are belonging to multiple user groups the group name entry in the Logs will show as N/A.
For verifying if the users are possessing membership to both groups:
# diagnose firewall auth list 10.1.111.1, testuser
It is noticed that this 'testuser' has a membership to both the user groups testgrp1 and testgrp2.
However, in the logs, it will show the entry to be N/A for the user group info and this is expected as the user is present in multiple groups.
Sample log output:
date="2023-03-01" time="08:30:11" id=7207611483885144770 bid=105602030 dvid=1047 itime=1678152821 euid=236630 epid=3 dsteuid=3 dstepid=3 logver=604031778 logid="0102043008" type="event" subtype="user" level="notice" srcip="10.2.12.2" dstip="10.2.20.5" policyid=27 action="authentication" msg="User testuser succeeded in authentication" logdesc="Authentication success" user="testuser" status="success" group="N/A" reason="N/A" authproto="HTTP(10.1.111.1)" interface="port2" eventtime=1678152611937542499 tz="+0700" devid="FG100xxxx" vd="root" devname="testintf"
To test this, it is possible to remove the user from one of the groups and then can authenticate, the user group name will be visible with the user group info. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.