Getting Data In

Okta Rate Limit "skinny_users" warnings

justynap_ldz
Path Finder

Hello everyone,

Could you please help me out with the following query?

We have a TA-Okta_Identity_Cloud_for_Splunk installed on a Heavy Forwarder.
Our customer receives  “skinny_user” rate limit warnings from /api/v1/apps endpoint.
Following Okta documentation, it is suggested to change a limit to the default value of 20:
https://www.okta.com/integrate/documentation/security-enforcement-integrations/security-analytics/#a... 

justynap_ldz_1-1618310655186.png

 

However, when I check limits in our Add-On, the ranges of  User, Group, App and Log Limits (min/max values) are different from the ones in Okta documentation. 

justynap_ldz_0-1618310616950.png

Could you please help me finding the right limit which I should adjust in Splunk?


Thank you!

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

WATCH NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If exploited, ...

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

The Splunk Community Dashboard Challenge is underway! This is your chance to showcase your skills in creating ...

.conf24 | Session Scheduler is Live!!

.conf24 is happening June 11 - 14 in Las Vegas, and we are thrilled to announce that the conference catalog ...