Administer log forwarding FAQs and best practices
Okta recommends using a port number greater then 2048. Many operating systems have access restrictions on ports with values less then 2048. While port numbers lower then 2048 may work, they should be avoided when possible.
Frequently Asked Questions
The frequency of log events depends on the activity in Access Gateway in one of the covered areas.
For example, AUDIT events occur only when an application is accessed. If there are no current application accesses, then no events will occur. Similarly, MONITOR events occur when a change is made to an Access Gateway configuration. For example application updates, configuration of data stores, or similar changes. . If no changes are being made, then no monitor events will occur.
No, once configured Access Gateway immediately begins to send out events, as they occur.
From a log forwarding perspective, yes, Access Gateway does not cache events. When there is no recipient for the event stream, in this case Gray Log, the events are dropped. However, you can still download the logs for the time period where events were missing. See Download logs.