What and where can I search to verify if my palo alto active/passive cluster failed over unscheduled?

Hi PANgurus, We have a query whether we can able to block a specific device from Connecting our Global Protect VPN by using the Device MAC Address. Please review and share us with your thoughts. Awaiting for your reply !! Best Regards, Sahul Hameed

I'm going to try my best to explain this. I have a shared device group Panorama > Device Groups (photo) called "common" It has no Master Device or Devices/Virtual System attached (highlighted last two columns). We use this to create Rules on to push to the various systems listed underneath (Enterprise, 01-Enterprise and so on) When creating those Rules on Panorama Policies tab > Post Rules > and I choose the Device Group "Commom" > Add (new rule) > User tab > Add a list of groups is available from the drop down (photo). My issue is that I don't know where Source User is being populated from. I get how it happens when devices are assigned, but since there is no device assigned, I can't go to from Panorama Device > User ID > Template (drop down) choose "Commom" because Shared Templates aren't in the drop down > Group Mapping Settings > Add But it's clearly getting populated somehow??? Hope that makes sense.