Ingesting Okta logs: system and user_context to Chronicle

Question

Hey all, I'm pretty new to Security and Chronicle and while looking into log ingestion in Chronicle I encountered the topic of ingesting Okta logs into Chronicle, particularly for two customer usecases: system logs and user_context logs. By googling I was able to find this resource for system logs, but wasn't able to find much documentation for steps to follow to get user_context logs. I'm looking for something that can provide steps like getting the API key and plugging it into Chronicle like I see with other log sources.

Any help would be appreciated!

Page 1 / 1

Hi,

Please follow the same process, but select the "OKTA USER CONTEXT" log type instead of the "OKTA" log type.

Reply

Digal · Accepted Answer

Hi,Please follow the same process, but select the "OKTA USER CONTEXT" log type instead of the "OKTA" log type.

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded