Add IPs to a network zone from the System Log

You can add an IP address that appears in a System Log event directly to a network zone. This eliminates the need to copy the IP address and go to the Network menu. When you add an IP to a zone, the traffic from this IP is blocked or allowed access based on how you've configured the zone. For example, if you've enabled IP Exempt Zone and you add a gateway IP to the DefaultExemptIpZone, the traffic from that IP is always allowed.

IP Exempt zone is an Early Access feature. All blocklisted IPs in an IP chain must be included in this zone for Okta to allow access.

You must have super or org admin permissions to perform the following task.

Add an IP address to a network zone from the System Log

  1. In the Admin Console, go to ReportsSystem Log.
  2. Find the event and IP address in the System Log.
  3. Hover over the IP to display the ... menu, and then select Add to zone.
  4. In the Add IP to zone dialog, select the following:
    • Add to zone: Select the network zone to which to add the IP address. If you want to always allow traffic from this IP, select DefaultExemptIpZone. To always block traffic from this IP, select BlockedIpZone instead.
    • IP type: Select from Proxy or Gateway. If you selected DefaultExemptIpZone, you can only add gateway IPs.
  5. Click Save.

When you edit a network zone, wait approximately 60 seconds for the change to propagate across all servers and take effect.

Related topics

Network zones

IP zones