Okta Event Collector
#
This Integration is part of the Okta Pack.Supported versions
Supported Cortex XSOAR versions: 6.8.0 and later.
Collects the events log for authentication and Audit provided by Okta admin API
#
Configure Okta Log on Cortex XSIAM- Navigate to Settings > Configurations > Automation & Feed Integrations.
- Search for Okta event collector.
- Click Add instance to create and configure a new integration instance.
Parameter | Description | Required |
---|---|---|
Server URL | Okta URL (https://yourdomain.okta.com) | True |
API request limit | The amount of items to retrieve from Okta's API per request (a number between 1 and 1000) | False |
proxy | Use system proxy settings | False |
API key | The request API key | True |
First fetch time interval | The period (in days) to retrieve events from, if no time is saved in the system | True |
- Click Test to validate the URLs, token, and connection.
#
CommandsYou can execute these commands in a playbook.
#
test-moduleIntegration command for testing.
#
fetch-eventsCommand that is activated by the engine to fetch event.
#
paramsproduct the name of the product to name the dataset after ####$ okta-get-events
Manual command to fetch events and display them.