Using Okta Identity Cloud REST APIs the Okta Identity Cloud Add-on for splunk allows a Splunk® administrator to collect data from the Okta Identity Cloud. The Add-on collects data related to: • Event log information • User information • Group and Group Membership Information • Application and Application Assignment information Using Okta Identity Cloud REST APIs this Add-on supports adaptive response actions and custom alerts that enable taking the following actions from Splunk: • Adding and removing Okta users from groups in Okta • Performing account lifecycle actions (e.g. suspend, deactivate, expire) on Users in Okta This Add-on provides inputs and CIM-compatible knowledge to use with other Splunk apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance.