All Apps and Add-ons

Splunk app for okta not collecting any data

skrish91
Path Finder

I am trying to install the latest version of the addon and app by following the documentation. I did everything according to the documentation here https://docs.splunk.com/Documentation/AddOns/released/OKTA/Setup. The app doesnt doesnt seem to collect any data. Any help would be appreciated. Thanks

Tags (1)
0 Karma

appalisudhakar
Path Finder

OKTA doesn't support custom sourcetypes. Please use default sourcetype (okta:im) if you are using a different one.

Try running a curl to API Key/token on your Heavy forwarder where OKTA add-on is installed and make sure you are seeing response without any error or timeouts.
curl -H "X-RFToken: 00ABCDXYZXXXXXXXXXXXXXXXXX" "https://XXXXXXXXXX.okta.com"

Use (hxxps://splunkbase.splunk.com/app/3682/) this Add-on of OKTA in case if you are seeing issues with your current Add-on (version 1.3.0) since newer one works perfectly and it doesn't need https or http in OKTA domain name settings.

Hope this helps!!

Thanks,
Sai

0 Karma

Vijeta
Influencer

@skrish91 Did you check the splunkd logs? Make sure the API tokens are correct. Also in Okta Domain name do not use http:// or https://

0 Karma

skrish91
Path Finder

Yes splunkd logs doesnt show any errors. For the Oka domain name I need to specify https:// itseems. If I dont specify it then the validation fails.

0 Karma

appalisudhakar
Path Finder

@skrish91 Please see my response in the post.

0 Karma
Get Updates on the Splunk Community!

Build Your First SPL2 App!

Watch the recording now!.Do you want to SPL™, too? SPL2, Splunk's next-generation data search and preparation ...

Exporting Splunk Apps

Join us on Monday, October 21 at 11 am PT | 2 pm ET!With the app export functionality, app developers and ...

[Coming Soon] Splunk Observability Cloud - Enhanced navigation with a modern look and ...

We are excited to introduce our enhanced UI that brings together AppDynamics and Splunk Observability. This is ...