[Okta]: Incorrect filters in Okta Dashboard elements #13615
Assignees
Labels
bug
Something isn't working, use only for issues
dashboard
Relates to a Kibana dashboard bug, enhancement, or modification.
Integration:okta
Okta
needs:triage
Team:Security-Service Integrations
Security Service Integrations team [elastic/security-service-integrations]
Team:Sit-Crest
Crest developers on the Security Integrations team [elastic/sit-crest-contractors]
Comments
tammytorbert
added
needs:triage
bug
jamiehynds
added
the
Team:Security-Service Integrations
|
Pinging @elastic/security-service-integrations (Team:Security-Service Integrations) |
jamiehynds
added
the
Team:Sit-Crest
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Integration Name
Okta [okta]
Dataset Name
okta.system
Integration Version
3.4.2
Agent Version
n/a
Agent Output Type
elasticsearch
Elasticsearch Version
8.17.4
OS Version and Architecture
ESS
Software/API Version
No response
Error Message
N/A
Event Original
N/A
What did you do?
Loaded sample okta event data based on expected.json files found in integration directory using bulk api for ingest.
What did you see?
Event Outcome [Logs Okta] loads a chart. However, when I pivot to Discover, the filter condition only has
event.outcome: *. When I review the results in Discover, I have results from datasources outside of Okta.Okta Failure Events does not load any results, despite having events with failure for the
event.outcome. Reviewing the query for this dashboard element it is looking forevent.outcome: FAILURE, however based on ECS, this should be all lowercase.What did you expect to see?
Event Outcome [Logs Okta] - only expected Okta results to be used for the calculation in the visualization.
Okta Failure Events - expected to see the chart load with failure results.
Anything else?
No response
The text was updated successfully, but these errors were encountered: