ADO.NET Provider for Okta

Build 24.0.9060

SystemLogs

System log events.

View Specific Information

Required Scopes

To query this view, Scope must include okta.logs.read.

Select

The provider uses the Okta API to process WHERE clause conditions built with the following columns and operators.

Note that the LIKE operator is case-sensitive.

  • Uuid supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • Version supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • Severity supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • EventType supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • LegacyEventType supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • DisplayMessage supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • ActorId supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • ActorType supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • ActorAlternateId supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • ClientId supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • ClientDevice supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • ClientIpAddress supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • ClientZone supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • OutcomeResult supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • TransactionId supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • TransactionType supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • AuthenticationProvider supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • AuthenticationStep supports the '>', '>=', '=', '<=', '<', and '!=' operators
  • AuthCredentialProvider supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • AuthCredentialType supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • AuthExternalSessionId supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • AuthInterface supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • DebugRequestUri supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • SecurityAsNumber supports the '>', '>=', '=', '<=', '<', and '!=' operators
  • SecurityAsOrg supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • SecurityISP supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • SecurityDomain supports the '>', '>=', '=', '<=', '<', '!=', and 'LIKE' operators
  • SecurityIsProxy supports the '>', '>=', '=', '<=', '<', and '!=' operators
  • Since supports the '=' operator
  • Until supports the '=' operator

All other filters are processed client-side within the provider.

For example, the following query is processed server-side:

SELECT * FROM SystemLogs WHERE Since='08-05-2024' AND Until = '08-06-2024' AND ClientId='0oaip3enwg675lSno5d7'

Columns

Name Type Description
Uuid [KEY] String Identifier for an individual event
Version String Versioning indicator
Severity String How severe the event is
Published Datetime When the event was published.
EventType String Type of event
LegacyEventType String Associated Events action object type
DisplayMessage String Display message of an event
ActorId String Id of the entity that performs an action
ActorType String Type of actor
ActorName String Display name of the actor
ActorAlternateId String Alternate Id of the actor
ClientId String Id of the request that initiates an action
ClientDevice String Type of device from which the client operates. For example, Computer.
ClientIpAddress String IP address from which the client makes a request.
ClientZone String The name of the zone to which the client's location is mapped.
OutcomeResult String Outcome of an action
TransactionId String Id of the transaction of an action
TransactionType String Type of transaction
AuthenticationProvider String System that proves the identity of an actor using the credentials provided to it
AuthenticationStep Integer Zero-based step number in the authentication pipeline. Currently unused and always 0.
AuthCredentialProvider String Software service that manages identities and their associated credentials.
AuthCredentialType String The underlying technology or scheme used in the credential.
AuthExternalSessionId String Proxy for the actor's session id.
AuthInterface String The third-party user interface through which the actor authenticates.
DebugRequestUri String Request Uri of the debug context.
SecurityAsNumber Integer Autonomous system number associated with the system the event request was sourced to.
SecurityAsOrg String Organization associated with the system the event request was sourced to.
SecurityISP String Internet service provider used to send the event's request.
SecurityDomain String The domain name associated with the IP address of the inbound event request.
SecurityIsProxy Boolean Whether the event's request is from a known proxy.

Pseudo-Columns

Pseudo column fields are used in the WHERE clause of SELECT statements, and offer a more granular control over the tuples that are returned from the data source.

Name Type Description
Since Datetime Lower limit for the published date. Defaults to 7 days before the until parameter.
Until Datetime Upper limit for the published date. Defaults to the current time.

Copyright (c) 2024 CData Software, Inc. - All rights reserved.
Build 24.0.9060