Mappings: Okta Catch All
Input | Value |
---|---|
Vendor | Okta |
Product | SSO |
Log Format | JSON |
Event ID Regex Pattern | _default_ |
Output | Value |
---|---|
Vendor | Okta |
Product | Single Sign-On |
Record Type | Audit |
Cloud SIEM Schema Field | Original Record Key | Notes |
---|---|---|
description | displayMessage | |
device_ip | client.ipAddress | |
http_userAgent | client.userAgent.rawUserAgent | |
sessionId | authenticationContext.externalSessionId | |
severity | severity | |
srcDevice_ip | request.ipChain.1.ip | |
success | outcome.result | This is a lookup field. More info to come in the catalog later... |
targetUser_username | target_user | |
user_authDomain | securityContext.domain | |
user_userId | target.1.id | |
user_username | user |