Add an AWS EventBridge log stream

This is an Early Access feature. To enable it, use the Early Access Feature Manager as described in Manage Early Access and Beta features.

To send Okta System Log events to Amazon EventBridge, you must add an AWS EventBridge log stream in Okta and configure it in the AWS console.

Before you begin

Ensure that:

  • You’re signed in to Okta as a super admin.

  • Optional (recommended). You know the AWS region of your Okta org’s deployment. You can contact Okta Support to find out your AWS region.

  • You have the AWS account ID and region information for your EventBridge target.

  • You have appropriate permissions to configure EventBridge to receive SaaS partner events as described in the AWS documentation.

Add an AWS EventBridge log stream

  1. In the Admin Console, go to Reports > Log Streaming. This page shows all of the log stream targets available in your org.

  2. Click Add Log Stream to start the log stream wizard.

  3. Select AWS EventBridge from the catalog. Click Next.

  4. Fill in the configuration details for your AWS EventBridge log stream:

    • Name: Provide a unique name for this log stream in Okta.

    • AWS Event Source Name: Provide a unique name without any special characters or spaces to identify this event source in Amazon EventBridge.

    • AWS account ID: The 12-digit account identifier provided by AWS.

    • AWS region: Select the AWS region closest to your EventBridge target. A geographically closer region gives a faster stream connection. To send the same events to multiple regions, you must create multiple log stream targets.

  5. Click Save. You receive a confirmation message.

The log stream that you just added appears on the Log Streaming page with its status as Active.

 

Configure the Amazon EventBridge log stream in the AWS console

You must configure your Amazon EventBridge log stream to accept partner events from Okta.

  1. In the AWS console, go to Amazon EventBridge.

  2. Select Partner event sources from the Integration section of the navigation panel.

  3. If you successfully activated an AWS EventBridge log stream in Okta, you should see a partner event source in the Pending status with a name following the format:

    aws.partner/okta.com/yourOktaSubdomain/yourAWSEventSourceName

  4. Select the log stream and click Associate with an event bus.

  5. Select the required permissions for the log stream on the Associate with event bus page. Click Associate. Your partner event source is active and events are available in the corresponding event bus.

  6. Select Rules from the Events section of the navigation panel. For more information, see AWS - Creating a rule that matches SaaS partner events.

    To ensure that AWS EventBridge receives all logging events from Okta when you create a rule, select Pre-defined pattern by service for the Event matching pattern and then select All Events as your Service provider.

  7. Perform an action in Okta to generate an event, such as signing in/out of the Admin Console. You can then view the corresponding events within the event bus.
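The console steps above can also be carried out with the AWS CLI. The following script is an added example, not part of the Okta documentation. The rule name okta-all-events, the prefix-match event pattern, the accepted character sets, and the values in the usage line are assumptions.

```shell
#!/bin/sh
# Added example: AWS CLI equivalent of the console steps above.
# Assumptions (not from the Okta page): the rule name okta-all-events,
# the prefix-match pattern, and the character sets accepted below.

# Partner event source name, in the format the page gives:
# aws.partner/okta.com/<yourOktaSubdomain>/<yourAWSEventSourceName>
okta_source_name() {
  case "$1" in ''|*[!A-Za-z0-9-]*) return 1 ;; esac  # Okta subdomain
  case "$2" in ''|*[!A-Za-z0-9]*) return 1 ;; esac   # no special chars/spaces
  printf 'aws.partner/okta.com/%s/%s\n' "$1" "$2"
}

# The AWS account ID entered in Okta is exactly 12 digits.
valid_account_id() {
  case "$1" in *[!0-9]*) return 1 ;; esac
  [ "${#1}" -eq 12 ]
}

# Event pattern matching every event emitted by one partner event source.
all_events_pattern() {
  printf '{"source":[{"prefix":"%s"}]}\n' "$1"
}

main() {
  valid_account_id "$1" || { echo "account ID must be 12 digits" >&2; return 1; }
  src=$(okta_source_name "$2" "$3") || { echo "invalid name" >&2; return 1; }

  # Confirm the CLI credentials belong to the account configured in Okta.
  # The CLI region must also be the region selected in the Okta wizard.
  caller=$(aws sts get-caller-identity --query Account --output text) || return 1
  [ "$caller" = "$1" ] || { echo "CLI is using account $caller" >&2; return 1; }

  # Step 3: the source should be listed with state PENDING.
  aws events list-event-sources --name-prefix "$src" \
    --query 'EventSources[].[Name,State]' --output text || return 1

  # Steps 4-5: associate by creating a partner event bus named after the source.
  aws events create-event-bus --name "$src" --event-source-name "$src" || return 1

  # Step 6: rule on that bus that matches all events from the source.
  aws events put-rule --name okta-all-events --event-bus-name "$src" \
    --event-pattern "$(all_events_pattern "$src")"
}

# Usage: sh okta-eventbridge.sh 123456789012 example oktaSystemLog
if [ "$#" -eq 3 ]; then main "$@"; fi
```

A rule delivers nothing until a target is attached with aws events put-targets. The target is left out here because this page does not name one.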

Related topics

Edit the status of your log stream