Solved: How to get the Splunk App and Add-on for Okta to s...

butzowj · ‎07-08-2016

Hello -

I am working on getting the Splunk App and Add-on for Okta working for Splunk 6.2.4. Currently I am pulling in some data with the okta:user sourcetype, but I just keep pulling back the same records...

What can I do to get the app to stop pulling in duplicate records?

Thanks!

rwang_splunk · ‎07-18-2016

Hi butzowj

The sourcetype okta:user is designed to retrieve all user data from Okta system on a certain interval time. It will pull the same data from the Okta system if the user information does not change. I think you can either disable the inputs after pulling the data, and enable it whenever you want to, or set a longer interval time to prevent frequent data duplication.

View solution in original post

rwang_splunk · ‎07-18-2016

Hi butzowj

The sourcetype okta:user is designed to retrieve all user data from Okta system on a certain interval time. It will pull the same data from the Okta system if the user information does not change. I think you can either disable the inputs after pulling the data, and enable it whenever you want to, or set a longer interval time to prevent frequent data duplication.

How to get the Splunk App and Add-on for Okta to stop pulling duplicate data?

Dashboard Studio Challenge - Learn New Tricks, Showcase Your Skills, and Win Prizes!

Introducing Edge Processor: Next Gen Data Transformation

Take the 2021 Splunk Career Survey for $50 in Amazon Cash