Cisco Cisco ASA 5580 Adaptive Security Appliance Leaflet
14-28
思科 ASA 系列命令参考,S 命令
第 14 章 show uauth 至 show xlate 命令
show user-identity user active
172.100.3.23: login 200 min, idle 15 mins , 5 active conns
10.23.51.3: inactive
1-hour recv packets: 12560
1-hour sent packets: 32560
20-min drops: 560
CSCO\member-1: 4 active connections; idle 350 mins
…
APAC\sampleuser12: 3 active conns; idle 101 mins
172.1.1.1: login 360 mins, idle 101 mins, 1 active conns
172.100.3.23: login 200 min, idle 150 mins, 2 active conns
10.23.51.3: inactive
1-hour recv packets: 12560
1-hour sent packets: 32560
20-min drops: 560
ciscoasa# show user-identity user active list detail
Total users: 25 Total IP addresses: 5
LOCAL\idfw: 0 active conns
6.1.1.1: inactive
cisco.com\sampleuser1: 0 active conns
cisco.com\sampleuser2: 0 active conns
cisco.com\sampleuser3: 0 active conns
20.0.0.3: login 0 mins, idle 0 mins, 0 active conns (disabled)
cisco.com\sampleuser4: 0 active conns; idle 0 mins
20.0.0.2: login 0 mins, idle 0 mins, 0 active conns (disabled)
cisco.com\sampleuser5: 0 active conns
...
ciscoasa# show user-identity user active user sampleuser1 list detail
CSCO\sampleuser1: 20 active conns; idle 3 mins
172.1.1.1: login 360 mins, idle 20 mins, 15 active conns
172.100.3.23: login 200 mins, idle 3 mins, 5 active conns
10.23.51.3: inactive
1-hour recv packets: 12560
1-hour sent packets: 32560
20-min drops: 560
ciscoasa# show user-identity user active user APAC\sampleuser2
APAC\sampleuser2: 20 active conns; idle 2 mins
ciscoasa# show user-identity user active user-group APAC\\marketing list
APAC\sampleuser1: 20 active conns; idle 2 mins
APAC\member-1: 20 active conns; idle 0 mins
APAC\member-2: 20 active conns; idle 0 mins
APAC\member-3: 20 active conns; idle 6 mins
...
ciscoasa# show user-identity user active user-group APAC\\inactive list
ERROR: group is not activated
相关命令
命令
说明
clear user-identity
active-user-database
active-user-database
设置指定用户的状态,所有用户都属于指定用户组,或所有用户注
销身份防火墙。
销身份防火墙。
user-identity enable
创建思科身份防火墙实例。