All Apps and Add-ons

Filter the data for OKTA application

Path Finder

Hi ,
On a standalone SH , we are pulling OKTA logs using OKTA Identity cloud app.
Need to filter events based on the email address . For example anything with * should not be indexed.

Put props.conf and transforms .conf in location -
C:\Program Files\Splunk\etc\apps\TA-Okta_Identity_Cloud_for_Splunk\local

TRANSFORMS-set= setnull


But still events are not getting filtered . Any suggestions?

0 Karma

Ultra Champion

Have you reboot splunk?

0 Karma

Path Finder

Yes I did .

0 Karma
Get Updates on the Splunk Community!

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...

Edge Processor Scaling, Energy & Manufacturing Use Cases, and More New Articles on ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Get More Out of Your Security Practice With a SIEM

Get More Out of Your Security Practice With a SIEMWednesday, July 31, 2024  |  11AM PT / 2PM ETREGISTER ...