![]() ![]() Within the query editor, just enter Okta_CL and click Run. Expand that, and you should see an entry called Okta CL. You should see a section called Custom Logs. Navigate back to your Azure Sentinel page and Go to Logs. Step 10: Let’s query the recently pulled data from Okta in Azure Sentinel. Step 9: Let’s try to manually test the Okta connector by running the Function app that will query and pull the System Logs from Okta. You should see additional resources deployed within the resource group. Step 8: Once the deployment is finished, navigate to the resource group you’ve used to create the Sentinel and Okta data connector resources. Click Create and Wait for the deployment to finish. Step 7: Enter the workspace ID, primary key and Okta API token you noted earlier. A new tab will be open as part of the process. Take note of the Workspace ID and Primary Key. Note down your newly generated Okta API token, as you will use this later as part of the integration with Azure Sentinel. Step 5: Login as an Administrator in your Okta service, navigate to Security-> API Tokens, and create/obtain an API token. Click the Okta Single Sign-On (Preview) Connector. Step 4: Search for Okta within the Data Connectors page. Step 3: Under Configuration, Click Data Connectors Step 1: Enable Azure Sentinel within your Azure tenant. How to integrate Okta and Azure Sentinel? (The Walkthrough process) This also allows you to proactively quartine, prevent and contain any further/collateral damage that could happen if the risky event wasn’t handled appropriately and timely. Microsoft Sentinel is your bird’s-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames.” – īy integrating Okta with Azure Sentinel, you can correlate and pinpoint system-related attacks that may have been initiated via account takeovers, suspicious behaviour, MFA push bombs and other identity-related attacks. ![]() With Microsoft Sentinel, you get a single solution for attack detection, threat visibility, proactive hunting, and threat response. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise. Security orchestration, automation, and response (SOAR).Security information and event management (SIEM).“Microsoft Sentinel is a scalable, cloud-native solution that provides: In this blog post, I’ll showcase how you can integrate Okta with Microsoft Azure Sentinel to achieve Security orchestration, automation and respons e, or SOAR capabilities using Identity events/signals captured by Okta. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |