The output of the command is not really userfriendly and I need to give this to a customer for them to review this information. So I need the output in a bit more friendly to the eyes way to be presented. I'm looking for the username, time of connection and maybe the assigned IP.

On top of that I only see 16 out of the 41 currently connected users.

Ok. I'm ready to create a SmartConsole Extension for this. So currently you have not even a CLI command that shows what you would like to show in SmartConsole, right? And SmartEvent isn't of help either. How do you know that you have 41 connected users?

Correct, there is a difference in output from the script and the CLI on the GW itself. Smartevent show 200+ users where the below command shows only 111 max, so these values really do not comply.

fw tab -t userc_users -s
HOST NAME ID #VALS #PEAK #SLINKS
localhost userc_users 146 41 111 0

Hi Maarten,

As for the SmartEvent view.

1) It doesn't show real time users, it takes the logs and the respected time frame (Last 7 days for example, check the timeframe in the view) and accumulates it, so you might have 16 users currently connected but 200 in the last week.

2) You can show more users. Widgets like tables or charts has "Number of values (up to) X". You can change it to show more and then you will be search the widget for more results.

Try this command: fw tab -t userc_users -f -u 2>/dev/null|tr ',' '\n'|grep 'UserDN'|sed 's/.*=//'|sort -u

It will only kill the few lines in the beginning, the info in the rest of the lines remain the same and the number of lines is truncated at 25 lines and the last line is also truncated halfways

Just for your reference this is the output from the gateway:

8:54:17 5 N/A N/A 1.2.1.1 > N/A LogId: <max_null>; ContextNum: <max_null>; OriginSicName: <max_null>; SRAddress: 172.30.0.119; Schema: IKE(3); UserName: MartinevdL; UserDN: ; MyRange:First: ; Last: 255.255.255.255; PeerRange:First: 172.30.0.119; PeerLast: 172.30.0.119; ConnectTime: 1633588839; RouteTraffic: 0; Expires: 895/900; LastUpdateTime: 7Oct2021 8:54:17; ProductName: VPN-1 & FireWall-1; ProductFamily: Network;

Try this: fw tab -t userc_users -f -u 2>/dev/null|tr ';' '\n'|grep 'UserName'|sed 's/.*://'|sort -u

Now I get the usernames sorted properly.

And also through the script method I now also see all users, could there be a maximum characters to be moved from the gw to the Mgmt?

It's interesting that your syntax is different than mine. I'm on R81 (gw & management).
Do you need anything else? Is that enough for use in your SmartConsole scripts repository or do you still look for a full featured SmartConsole Extension?

What do you mean by max. characters?

Could it be that the output of a R80.30 GW is different from the R81 GW? Management is on R81. If you can do something to add the ConnectTime in real time notation, that should be sufficient for now.

As the number of lines is truncated and the lines are quite long, I think there is a limit to the total size of what is transported back to the Mgmt.

Here you go: fw tab -t userc_users -f -u 2>/dev/null|tr ',;' '\n'|egrep 'UserName|ConnectTime'|tr -d '\n'|sed 's/UserName/\nUser/g; s/CN=//g'|sort -u|sed 's/^/echo "/; s/\([0-9]\{10\}\)/`date -d @\1`/; s/$/"/'|bash

ok great this gives me this output:

User: UserA ConnectTime: Wed Oct 6 07:41:06 CEST 2021
User: UserD ConnectTime: Thu Oct 7 11:39:00 CEST 2021

SmartConsole Extension to Show VPN Users

Great thing, thanks a lot Danny.