On This Page

Home / Search/ Connect to Data/Connect Cribl Search to Okta API

Connect Cribl Search to Okta API

Configure Cribl Search to query an Okta API endpoint.

Okta is a cloud-based identity solution that links your apps, logins, and devices.

In this guide, you’ll set up a Dataset Provider and a Dataset to search the users, apps, devices, groups, and logs endpoints in your Okta account.

Add an Okta API Dataset Provider

A Dataset Provider tells Cribl Search where to query and contains access credentials. Here, you will add an Okta API Dataset Provider.

To add a new Dataset Provider, select Data, then Dataset Providers, then Add Provider.

Set the following configurations in the New Dataset Provider modal:

  1. ID is a unique identifier for the Dataset Provider. This is how you’ll reference it when assigning Datasets to it. Start the ID with a letter; the rest of the ID can use letters, numbers, and underscores (for example, my_dataset_provider_1).
  2. Description is optional.
  3. Set Dataset Provider Type to Okta API.
  4. Select Add Configuration to specify your Okta account. In the Account Configuration table, enter:
    • Account Name: Okta account name.
    • Domain Endpoint: URL for the subdomain of your organization. For example, subdomain.okta.com. For details, see Find your Okta domain.
    • API Token: API token for authorizing requests. For details, see Create an API token.
  5. Select Save when finished.

Add an Okta API Dataset

Now you’ll add a Dataset that tells Cribl Search what data to search from the Dataset Provider.

To add a new Dataset, select Data, then Datasets, then Add Dataset.

Set the following configurations in the New Dataset modal:

  1. ID is an identifier unique for both Cribl Search and Cribl Lake. You’ll use this to specify the Dataset in a query’s scope, telling Cribl Search to search the Dataset. Start the ID with a letter; the rest of the ID can use letters, numbers, and underscores (for example, my_dataset_1).
  2. Description is optional.
  3. Set Dataset Provider to the ID of an Okta Dataset Provider.
  4. Select Add endpoint to select the endpoints for your Dataset.
  5. Enabled endpoints: Select an endpoint from the drop-down menu. Your options are:
    • users
    • apps
    • devices
    • groups
    • logs
  6. In Processing, you can apply rules for breaking data into discrete events. For more information, see Datatypes.
  7. In Snapshots, you can set up API Snapshots.
  8. Select Save when finished.

Search Okta API

Now that you have a Dataset Provider and Dataset, you’re ready to start searching.

Search results can start showing up within a second or two, but when the search completes depends on how much data there is in the account.