Fortinet white logo
Fortinet white logo

Administration Guide

Identity List

Identity List

To open the Identity List, go to Fabric View > Asset Identity Center > Asset Identity List > Asset List and select Identity in the top-right corner of the pane.

This table lists all endpoints and users from relevant logs and correlates them with FortiAnalyzer modules.

Column

Description

User Id

The ID of the user.

User Name

The name of the user.

User Group

The group of user identities. An identity can be a:

  • Local user account (username/password stored on the FortiGate unit)
  • Remote user account (password stored on a RADIUS, LDAP, or TACACS+ server)
  • PKI user account with digital client authentication certificate stored on the FortiGate unit
  • RADIUS, LDAP, or TACACS+ server, optionally specifying particular user groups on that server
  • User group defined on an FSSO server.

Endpoints

Endpoint host name, IP address, or MAC address. A user may be connected to multiple endpoints.

Click the endpoint to display the corresponding user information in the Assets pane.

Social

The user's Name, Picture, Email, Phone Number, and Social if it is available.

Source

The name of device that created the log.

VPN IP

The VPN IP.

Identification Time

The time of identification.

Last Seen

The last seen time.

Last Update

The date and time the log was updated.

Caution

End user information is limited if there is no FortiClient in your installation.

  • Endpoints are detected based on MAC address and displayed by IP address instead of host name.
  • User related information might not be available.
  • Detailed information such as OS version, avatar, and social ID information are not available.
To filter the entries using filters in the toolbar:
  • Specify filters in the Add Filter box.

    • Regular Search: In the selected summary view, click Add Filter and select a filter from the dropdown list, then type a value. Click NOT to negate the filter value. You can add multiple filters and connect them with “and” or “or”.

    • Advanced Search: Click the Switch to Advanced Search icon at the end of the Add Filter box. In Advanced Search mode, enter the search criteria (log field names and values). Click the Switch to Regular Search icon to go back to regular search.

To create a custom view:
  1. In the toolbar, click the column settings icon, and select the columns you want to display.
  2. Click Custom View > Save As Custom View. The Save as New Custom View dialog is displayed.
  3. In the Name field, enter a name for the custom view, and click OK. The view is saved under Fabric View > Asset Identity Center > Custom View.
To change the visibility of a custom view:
  1. If using ADOMs, ensure that you are in the correct ADOM.
  2. In Fabric View > Asset Identity Center > Custom View, select the menu icon next to your custom view, and select Share with Others.

    You can also Rename, Save As (clone), or Delete the custom view.

  3. Set the Privacy field to On: Public or Off: Private, and click OK.
To configure the display settings in the Social column:
  1. Go to Log View >Tools icon > User Display Preferences.
  2. Select the order preference tab you want to configure.
    Tabs include Name, Picture, Email, Phone Number, and Social.
  3. Rearrange the order preference as per your needs by drag-and-dropping an entry. For names, pictures, emails, and phone numbers, only the top entry will appear in the identity pop-up window.
  4. User information can be disabled by moving the Show toggle to the Off position in the respective tabs.
To download the entries as a CSV file:
  1. Click Download.

Identity List

Identity List

To open the Identity List, go to Fabric View > Asset Identity Center > Asset Identity List > Asset List and select Identity in the top-right corner of the pane.

This table lists all endpoints and users from relevant logs and correlates them with FortiAnalyzer modules.

Column

Description

User Id

The ID of the user.

User Name

The name of the user.

User Group

The group of user identities. An identity can be a:

  • Local user account (username/password stored on the FortiGate unit)
  • Remote user account (password stored on a RADIUS, LDAP, or TACACS+ server)
  • PKI user account with digital client authentication certificate stored on the FortiGate unit
  • RADIUS, LDAP, or TACACS+ server, optionally specifying particular user groups on that server
  • User group defined on an FSSO server.

Endpoints

Endpoint host name, IP address, or MAC address. A user may be connected to multiple endpoints.

Click the endpoint to display the corresponding user information in the Assets pane.

Social

The user's Name, Picture, Email, Phone Number, and Social if it is available.

Source

The name of device that created the log.

VPN IP

The VPN IP.

Identification Time

The time of identification.

Last Seen

The last seen time.

Last Update

The date and time the log was updated.

Caution

End user information is limited if there is no FortiClient in your installation.

  • Endpoints are detected based on MAC address and displayed by IP address instead of host name.
  • User related information might not be available.
  • Detailed information such as OS version, avatar, and social ID information are not available.
To filter the entries using filters in the toolbar:
  • Specify filters in the Add Filter box.

    • Regular Search: In the selected summary view, click Add Filter and select a filter from the dropdown list, then type a value. Click NOT to negate the filter value. You can add multiple filters and connect them with “and” or “or”.

    • Advanced Search: Click the Switch to Advanced Search icon at the end of the Add Filter box. In Advanced Search mode, enter the search criteria (log field names and values). Click the Switch to Regular Search icon to go back to regular search.

To create a custom view:
  1. In the toolbar, click the column settings icon, and select the columns you want to display.
  2. Click Custom View > Save As Custom View. The Save as New Custom View dialog is displayed.
  3. In the Name field, enter a name for the custom view, and click OK. The view is saved under Fabric View > Asset Identity Center > Custom View.
To change the visibility of a custom view:
  1. If using ADOMs, ensure that you are in the correct ADOM.
  2. In Fabric View > Asset Identity Center > Custom View, select the menu icon next to your custom view, and select Share with Others.

    You can also Rename, Save As (clone), or Delete the custom view.

  3. Set the Privacy field to On: Public or Off: Private, and click OK.
To configure the display settings in the Social column:
  1. Go to Log View >Tools icon > User Display Preferences.
  2. Select the order preference tab you want to configure.
    Tabs include Name, Picture, Email, Phone Number, and Social.
  3. Rearrange the order preference as per your needs by drag-and-dropping an entry. For names, pictures, emails, and phone numbers, only the top entry will appear in the identity pop-up window.
  4. User information can be disabled by moving the Show toggle to the Off position in the respective tabs.
To download the entries as a CSV file:
  1. Click Download.