Skip to main content

Okta Event Collector

This Integration is part of the Okta Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.8.0 and later.

Collects the events log for authentication and Audit provided by Okta admin API

This is the default integration for this content pack when configured by the Data Onboarder in Cortex XSIAM.

Configure Okta Log on Cortex XSIAM#

  1. Navigate to Settings > Configurations > Automation & Feed Integrations.
  2. Search for Okta event collector.
  3. Click Add instance to create and configure a new integration instance.
ParameterDescriptionRequired
Server URLOkta URL (https://yourdomain.okta.com)True
API request limitThe amount of items to retrieve from Okta's API per request (a number between 1 and 1000)False
proxyUse system proxy settingsFalse
API keyThe request API keyTrue
First fetch time intervalThe period (in days) to retrieve events from, if no time is saved in the systemTrue
  1. Click Test to validate the URLs, token, and connection.

Commands#

You can execute these commands in a playbook.

okta-get-events#


Manual command to fetch events and display them.