Okta is a cloud-based identity and access management (IAM) platform that provides secure authentication, authorization, and user management solutions. The Okta System Log API gives you read-only access to your enterprises’ system logs close to real-time. You can read more about Okta System Log API here. By default, there is no way to get logs from Okta in real time and continuously. Hence, we made a tool that does the same.
Step 1: Install Git in your system. If you’re not sure how to do it, Click here to read more about it.
Step 2: Install Python version 3.X in your system. If you’re not sure how to do it, Click here to read more about it.
Step 3: You’ll need API token from the Okta. Follow this guide to generate a token from Okta.
Step 4: Once you are finished with installing Git, fire up a terminal in your system or if you’re on windows open up a CMD/POWERSHELL and run: “git clone https://github.com/dhaval055/ ”
Step 5: You’ll see the following files in your folder.
• Okta-config.properties: In this file, fill out the values of org & token. Value for org will be your organization name and for token use the one we generated in step 3.
• oktalogfetcher.py: This file contains code for pulling logs from okta and writing those logs to output.log file.
• oktascript.log: This file contains logs of oktalogfetcher.py
• output.log: This is where your okta log will be stored.
Step 6: okta-config.properties should look like this once you have filled in your details.
Step 7: Now we will need to install requirement of the script. Open up a terminal, make sure you’re in the same directory where scripts are and run “python3 –m pip install –r requirements.txt”.
Step 8: After above step we’re good to run the tool. Run command “python3 oktalogfetcher.py”.
Step 9: Now you should be seeing logs from Okta in output.log file. Please note that we have added delay of 120 seconds (You can change the same in okta-config.properties file) so that we don’t get duplicate entries in our log file.
NOTES:
EXTRAS:
In Conclusion, this tool offers ability to collect logs from Okta in near real-time. By leveraging this tool, we can quickly identify and remediate security issues, optimize and maintain compliance with regulatory standards.