Collect Okta Logs

This topic details how to collect logs for Okta and to ingest them into Sumo Logic.

Steps to Collect Logs for Okta App

  1. First, generate an Authentication Token in Okta.
  2. Next, download the SumoJanus Package necessary for authentication and deploy the package on a local server running the Sumo Logic Collector.
  3. Next, update the local properties file with the Okta token created in step 1. The Properties file will be generated in step 2 when you download and deploy the SumoJanus package.
  4. Finally, configure an Installed Collector and create a Script Source in Sumo Logic to send the data from Okta to Sumo Logic.

The following sections explain the above steps in detail:

Generate the Okta API token

Create an API token by following the steps provided here: Getting a token. You will enter this API token in the Properties file later.

Download the SumoJanus Packages

The following SumoJanus files are required to collect logs from Okta. SumoJanus is a proprietary library used for script-based collection from applications such as Okta, Box, and Salesforce.

Deploy the Packages

If you have not previously set up the SumoJanus package, follow these steps.

  1. Copy the two package files you downloaded to the same folder, then unzip them there.
    • On Linux, run the following commands:

      tar xzvf sumojanus-dist.3.0.0.tar.gz

      tar xzvf sumojanus-Okta-1.0.0.tar.gz

    • On Windows, use a third-party tool to unzip the packages.

The first unzip creates a folder called sumojanus, along with the relevant files, in the directory where you unzipped. The second unzip adds more files to that folder, which you will need later.

If you have previously set up the SumoJanus package, be aware that you can’t mix SumoJanus v2.0 and v3.0.0, and we recommend that you deploy v3.0.0 (and later) in a separate folder. If you already have a v3.0.0 SumoJanus folder, then use these steps:

  1. Back up conf/sumologic.properties and the “data” folder.

  2. Copy the file sumojanus-Okta-1.0.0.tar.gz to the parent folder where SumoJanus is currently installed.

  3. From there, unzip the file sumojanus-Okta-1.0.0.tar.gz using the following command:

      tar xzvf sumojanus-Okta-1.0.0.tar.gz

    This will copy the files from the Okta package to the sumojanus folder.

Edit the Properties file

  1. Open the file sumojanus/conf/sumologic.properties in a text editor and add the following lines:

    [generic]
    path = .

    # provide the parameters for a bundle via a unique section after this
    [oktacollector]
    # required, your Okta API token
    api_token = <your Okta API token>
    # required, your okta account URL, e.g: https://acme.okta.com
    okta_org_url = <your Okta URL>
    # required, file to keep track of the okta event stream
    stream_pos_path = ${path}/data/okta_checkpoint.dat
    # optional, maximum pagination limit is 100
    #pagination_limit = 100
    # optional, start time window to query, in epoch milliseconds. Default is 7 days ago.
    #start_time = 1435709058000
    # optional, end time window to query, in epoch milliseconds. Default is 1 minute ago
    #end_time = 1436377600000

  2. api_token. Enter the Okta API token that you created in the Generate the Okta API token step.

  3. okta_org_url. Enter your Okta URL. Note that the URL starts with https, and not http.

  4. stream_pos_path. Replace the ${path} variable with the actual path on the server where SumoJanus is installed. For example: "/home/sumojanus"

  5. Save your changes.

Once you’re done editing, your sumojanus/conf/sumologic.properties file should look similar to this:

Okta Properties File
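
A pre-flight check for the edited file, as an added example (not part of Sumo Logic's documentation or the SumoJanus package): it parses sumologic.properties and reports leftover placeholders, a non-https okta_org_url, an unreplaced ${path}, out-of-range optional values and, because the file stores the API token in plain text, permissions that let other local users read it. The function name, the 13-digit timestamp heuristic and the chmod 600 recommendation are assumptions of this example.

```python
import configparser
import os
import stat
from urllib.parse import urlsplit

REQUIRED = ("api_token", "okta_org_url", "stream_pos_path")

def check_okta_properties(path):
    """Return a list of problems found in a SumoJanus sumologic.properties file."""
    problems = []
    # interpolation=None so a literal ${path} is read as-is, not expanded.
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read(path, encoding="utf-8")
    if not cfg.has_section("oktacollector"):
        return ["missing [oktacollector] section"]
    sec = cfg["oktacollector"]
    for key in REQUIRED:
        value = sec.get(key, "").strip()
        if not value or value.startswith("<"):
            problems.append(f"{key} is missing or still a placeholder")
    url = urlsplit(sec.get("okta_org_url", ""))
    if url.scheme != "https" or not url.hostname:
        problems.append("okta_org_url must be an https:// URL")
    if "${path}" in sec.get("stream_pos_path", ""):
        problems.append("stream_pos_path still contains ${path}")
    limit = sec.get("pagination_limit")
    if limit is not None and not (limit.isdigit() and int(limit) <= 100):
        problems.append("pagination_limit must be a number no greater than 100")
    for key in ("start_time", "end_time"):
        ts = sec.get(key)
        # Heuristic: epoch milliseconds have 13 digits today; 10 digits means seconds.
        if ts is not None and not (ts.isdigit() and len(ts) == 13):
            problems.append(f"{key} must be epoch milliseconds")
    # The file holds a live API token: no access for group or others (POSIX only).
    if os.name == "posix" and stat.S_IMODE(os.stat(path).st_mode) & 0o077:
        problems.append("file is accessible by group/others; chmod 600")
    return problems

if __name__ == "__main__":
    import sys
    for problem in check_okta_properties(sys.argv[1]):
        print("FAIL:", problem)
```

Run it with the path to sumojanus/conf/sumologic.properties as the only argument; no output means every check passed.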

Configure a Collector

Configure an Installed Collector on a Linux or Windows machine. By default the Collector will come with a Java Runtime Environment.

Open the file $path\sumojanus\bin\SumoJanus_Okta.bat in any text editor. Here, $path is where sumojanus is installed. In the file, set:

set JAVAPATH="[Your Path]\Sumo Logic Collector\jre\bin"

The JAVAPATH should be the path of jre\bin where Sumo Logic Collector is installed. For example, if you installed the collector in Program Files, then:

set JAVAPATH="C:\Program Files\Sumo Logic Collector\jre\bin"

Configure a Source

  1. Configure a Script Source.

  2. Configure the Source fields:
    1. Name. OktaCollector.
    2. (Optional) Description.
    3. Source Category. okta
    4. Frequency. Every 5 Minutes
    5. Specify a timeout for your command. Activate the checkbox and select 60 Minutes
    6. Command. For Linux, use /bin/bash. For Windows, use Windows Script. (Specify the correct path on your system).
    7. Script. Use the path to sumojanus that you created in the Deploy the Packages step, such as /home/ubuntu/sumojanus/bin/SumoJanus_Okta.bash. (Do not select "Type the script to execute.")
    8. Working Directory. $path/sumojanus, where $path is the path of SumoJanus that you created in the Deploy the Packages step.
  3. Click Save.