To learn more, visit the Okta documentation.

Basic Parameters

ParameterDescription
QueryFilters the log events results by one or more exact keywords.
Return All PagesAutomatically fetch all resources, page by page.
SinceFilters the lower time bound of the log events published property for bounded queries or persistence time for polling queries.
UntilFilters the upper time bound of the log events published property for bounded queries or persistence time for polling queries.

Advanced Parameters

ParameterDescription
FilterFilter Expression that filters the results, for more information visit https://developer.okta.com/docs/reference/api/system-log/#expression-filter
LimitSets the number of results that are returned in the response.
Sort OrderThe order of the returned events.

Example Output

[    {        "version": "0",        "severity": "INFO",        "client": {            "zone": "OFF_NETWORK",            "device": "Unknown",            "userAgent": {                "os": "Unknown",                "browser": "UNKNOWN",                "rawUserAgent": "UNKNOWN-DOWNLOAD"            },            "ipAddress": "12.97.85.90"        },        "actor": {            "id": "00u1qw1mqitPHM8AJ0g7",            "type": "User",            "alternateId": "admin@example.com",            "displayName": "John Doe"        },        "outcome": {            "result": "SUCCESS"        },        "uuid": "f790999f-fe87-467a-9880-6982a583986c",        "published": "2017-09-31T22:23:07.777Z",        "eventType": "user.session.start",        "displayMessage": "User login to Okta",        "transaction": {            "type": "WEB",            "id": "V04Oy4ubUOc5UuG6s9DyNQAABtc"        },        "debugContext": {            "debugData": {                "requestUri": "/login/do-login"            }        },        "legacyEventType": "core.user_auth.login_success",        "authenticationContext": {            "authenticationStep": 0,            "externalSessionId": "1013FfF-DKQSvCI4RVXChzX-w"        }    }]

Workflow Library Example

Get Alerts for Login Attempts of Disabled Users in Okta

Preview this Workflow on desktop

Was this page helpful?

Get Group By Display NameGet User By Email