Add IPs to a network zone from the System Log
You can add an IP address that appears in a System Log event directly to a network zone. This eliminates the need to copy the IP address and go to the Network menu. When you add an IP to a zone, the traffic from this IP is blocked or allowed access based on how you've configured the zone. For example, if you've enabled IP Exempt Zone and you add a gateway IP to the DefaultExemptIpZone, the traffic from that IP is always allowed.
IP Exempt zone is an Early Access feature. All blocklisted IPs in an IP chain must be included in this zone for Okta to allow access.
You must have super or org admin permissions to perform the following task.
Add an IP address to a network zone from the System Log
- In the Admin Console, go to .
- Find the event and IP address in the System Log.
- Click the More icon and Add to zone.
- In the Add to IP zone dialog, select the following:
- Add to zone: Select the network zone to which to add the IP address. If you want to always allow traffic from this IP, select DefaultExemptIZone. To always block traffic from this IP, select BlockedIpZone instead.
- IP type: Select from Proxy or Gateway. If you selected DefaultExemptIZone then, you can only add gateway IPs.
- Click Save.
When you edit a network zone, wait approximately 60 seconds for the change to propagate across all servers and take effect.