Add a Splunk Cloud log stream

This is an Early Access feature. To enable it, use the Early Access Feature Manager as described in Manage Early Access and Beta features.

Before you begin

Before you can create a log stream, you must first create an HTTP Event Collector (HEC) token on Splunk Cloud. See Set up and use HTTP Event Collector in Splunk Web.

Add an Splunk Cloud log stream

  1. Sign in to your Okta org as a super admin.

  2. In the Admin Console, go to Reports > Log Streaming. This page shows all of the log stream targets available in your org.

  3. Click Add Log Stream to start the log stream wizard.

  4. Select Splunk Cloud from the catalog. Click Next.

  5. Fill in the configuration details for your Splunk Cloud log stream:

    • Name: Provide a unique name for this log stream in Okta.

    • Host: Enter the domain for your Splunk Cloud instance. For example,

    • HEC Token: The token from your Splunk Cloud HTTP Event Collector (HEC).

  6. Click Save. You receive a confirmation message.

The log stream that you just added appears on the Log Streaming page with its status as Active.

Related topics

Edit the status of your log stream