Join us for a webinar on January 18, 2022 at 2:00PM EDT and learn how to leverage Splunk and Okta together from subject matter experts at August Schell, Splunk, and Okta.
Splunk is a software platform for machine data that helps customers gain real-time operational intelligence. Okta is an identity platform built in the cloud that securely connects any user to their applications. Splunk and Okta work in tandem to enrich the aggregated and correlated data from the Okta Identity Cloud Add on for Splunk.
With the app integration enabled, Okta sends rich identity event data to Splunk, which can be aggregated and correlated with information from other sources for a comprehensive view of user behavior. Security teams can use the visualization and analysis tools in Splunk to interpret data and instantly spot anomalous and potentially dangerous behavior and then take quick, decisive action against threats as they arise. The primary purpose of this Add-On is to collect time series event data from Okta using the Okta System Log API. This Add-On also contains the ability to ingest Okta Universal Directory (UD) using Okta's Users, Groups and Apps APIs.
Using Okta Identity Cloud REST APIs through the Okta Identity Cloud Add-on for Splunk allows a Splunk administrator to collect data from the Okta Identity Cloud. The Add-on collects data related to:
- Event log information
- User information
- Group and Group Membership information
- Application and Application Assignment information
Learn more about the integration by registering and joining the live webinar followed by a Q&A session.
What we'll cover:
High-level Okta overview
- Brief Splunk review
- Integration of the two platforms