Okta Event Collector
This Integration is part of the Okta Pack.#
Supported versions
Supported Cortex XSOAR versions: 6.8.0 and later.
Collects the events log for authentication and Audit provided by Okta admin API
Configure Okta Log on Cortex XSIAM#
- Navigate to Settings > Configurations > Automation & Feed Integrations.
- Search for Okta event collector.
- Click Add instance to create and configure a new integration instance.
| Parameter | Description | Required |
|---|---|---|
| Server URL | Okta URL (https://yourdomain.okta.com) | True |
| API request limit | The amount of items to retrieve from Okta's API per request (a number between 1 and 1000) | False |
| proxy | Use system proxy settings | False |
| API key | The request API key | True |
| First fetch time interval | The period (in days) to retrieve events from, if no time is saved in the system | True |
- Click Test to validate the URLs, token, and connection.
Commands#
You can execute these commands in a playbook.
test-module#
Integration command for testing.
fetch-events#
Command that is activated by the engine to fetch event.
params#
product the name of the product to name the dataset after ####$ okta-get-events
Manual command to fetch events and display them.