Navigation :

Okta Failed Sso Attempts

Description

Detect failed Okta SSO events

Help
Okta Failed Sso Attempts Help This search is specific to Okta and requires Okta logs are being ingested in your Splunk deployment.

Help

Okta Failed Sso Attempts Help

This search is specific to Okta and requires Okta logs are being ingested in your Splunk deployment.

Search
`okta` displayMessage="User attempted unauthorized access to app" \| stats min(_time) as firstTime max(_time) as lastTime values(app) as Apps count by user, result ,displayMessage, src_ip \| `security_content_ctime(firstTime)` \| `security_content_ctime(lastTime)` \| `okta_failed_sso_attempts_filter` Open in Search

Search

`okta` displayMessage="User attempted unauthorized access to app" | stats  min(_time) as firstTime max(_time) as lastTime values(app) as Apps count by user, result ,displayMessage, src_ip | `security_content_ctime(firstTime)` | `security_content_ctime(lastTime)` | `okta_failed_sso_attempts_filter`

Open in Search