Skip to main content

Okta Event Collector

This Integration is part of the Okta Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.8.0 and later.

Collects the events log for authentication and Audit provided by Okta admin API

Configure Okta Log on Cortex XSIAM#

  1. Navigate to Settings > Configurations > Automation & Feed Integrations.
  2. Search for Okta event collector.
  3. Click Add instance to create and configure a new integration instance.
ParameterDescriptionRequired
Server URLOkta URL (https://yourdomain.okta.com)True
API request limitThe amount of items to retrieve from Okta's API per request (a number between 1 and 1000)False
proxyUse system proxy settingsFalse
API keyThe request API keyTrue
First fetch time intervalThe period (in days) to retrieve events from, if no time is saved in the systemTrue
The product corresponding to the integration that originated the eventsThe name of the product to name the dataset afterFalse
The vendor corresponding to the integration that originated the eventsThe name of the vendor to name the dataset afterFalse
  1. Click Test to validate the URLs, token, and connection.

Commands#

You can execute these commands in a playbook.

test-module#


Integration command for testing.

fetch-events#


Command that is activated by the engine to fetch event.

params#

product the name of the product to name the dataset after ####$ okta-get-events


Manual command to fetch events and display them.