show user user-id-agent state all | View all configured Windows-based agents. |
show user server-monitor state all | View if the PAN-OS-integrated agent is configured. |
show user server-monitor statistics | View how many log messages came in from syslog senders and how many entries the User-ID agent successfully mapped. |
show user user-id-agent config name <agent-name> | View the configuration of a User-ID agent from the Palo Alto Networks device. |
show user group-mapping statistics | View group mapping information. |
show user group-mapping state all | View group mapping information. |
show user group list | View group mapping information. |
show user group name <group-name> | View group mapping information. |
show user ip-user-mapping all | View all user mappings on the Palo Alto Networks device. |
show user ip-user-mapping all | match <domain>\\<username-string> | Show user mappings filtered by a username string (if the string includes the domain name, use two backslashes before the username). |
show user ip-user-mapping ip <ip-address> | Show user mappings for a specific IP address. |
show user user-ids | Show usernames. |
show log userid datasourcename equal <agent-name> direction equal backward | View the most recent addresses learned from a particular User-ID agent. |
show log userid datasourcetype equal <authentication-service> | View mappings from a particular type of authentication service. Replace <authentication-service> with the specific service type. |
show log userid datasource equal <datasource> | View mappings learned using a particular type of user mapping. Replace <datasource> with the specific data source type. |
show user email-lookup ... | Find a user mapping based on an email address. Use the additional parameters as needed for specific searches. |
clear user-cache all | Clear the User-ID cache. |
clear user-cache ip <ip-address/netmask> | Clear a User-ID mapping for a specific IP address. |