Getting Data In

Okta Rate Limit "skinny_users" warnings

justynap_ldz
Explorer

Hello everyone,

Could you please help me out with the following query?

We have a TA-Okta_Identity_Cloud_for_Splunk installed on a Heavy Forwarder.
Our customer receives  “skinny_user” rate limit warnings from /api/v1/apps endpoint.
Following Okta documentation, it is suggested to change a limit to the default value of 20:
https://www.okta.com/integrate/documentation/security-enforcement-integrations/security-analytics/#a... 

justynap_ldz_1-1618310655186.png

 

However, when I check limits in our Add-On, the ranges of  User, Group, App and Log Limits (min/max values) are different from the ones in Okta documentation. 

justynap_ldz_0-1618310616950.png

Could you please help me finding the right limit which I should adjust in Splunk?


Thank you!

Labels (1)
0 Karma
Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.