Okta Advanced Server Access collector

Service description

Okta Advanced Server Access is an application that manages SSH and RDP access to Linux and Windows servers. Using Okta as its source of truth, Advanced Server Access reconciles with your internal servers to provide Zero Trust software that you can use to secure them. To start using Advanced Server Access, you have to create a team and configure some settings. In Advanced Server Access, a team is a named group of users who can authenticate with Okta. A team is an Advanced Server Access tenant, which is similar to an Okta tenant. All configurations and resources in Advanced Server Access are scoped to a team.

Learn more about this technology by accessing the web documentation here.

Data source description

The collector processes the OKTA ASA API responses and sends them to the Devo platform, which categorizes all the information received into tables in your Devo domain.

The OKTA ASA Resource API allows you to retrieve account activities for the event resource:

| Resource type | Definition | Devo data table |
|---|---|---|
| Events | Advanced Server Access (ASA) Audit Events provide log data of ASA User actions such as accessing ASA Servers, enrolling ASA Clients, and creating resources. | auth.okta.asa_events |

For more information about the OKTA ASA Resource API, visit the OKTA ASA API Reference.

Setup

Authentication

To retrieve an auth token, you need to create a Service User and API key.

Auth tokens may expire at any time, so code that uses them should be prepared to handle a 401 Unauthorized response code by creating a new auth token.

You will also need to provide a team name in order to run the collector. You can find it in the account options at the top-right corner of your Okta ASA Dashboard: the name followed by the rocket icon is your team name.
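
The 401 handling described above, as an added example (not the collector's own code): a client that exchanges the Service User API key for a bearer token and re-authenticates once when a request returns 401 Unauthorized. The base URL, the `service_token` and `auditsV2` paths, and the `bearer_token` and `list` response fields are assumptions to verify against the OKTA ASA API Reference; `AsaClient` and `http_send` are hypothetical names.

```python
import json
import urllib.error
import urllib.request

# Assumed base URL, paths and field names; verify against the ASA API reference.
BASE = "https://app.scaleft.com/v1/teams"


def http_send(method, url, headers, body=None):
    """Default transport: returns (status, parsed JSON), no exception on 4xx/5xx."""
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(url, data=data, method=method, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, {}


class AsaClient:
    """Hypothetical client; `send` is injectable so it can be tested offline."""
    def __init__(self, team, key_id, key_secret, send=http_send):
        self.team, self._key_id, self._key_secret = team, key_id, key_secret
        self._send, self._token = send, None

    def _authenticate(self):
        # Exchange the Service User API key for a short-lived bearer token.
        status, body = self._send(
            "POST", f"{BASE}/{self.team}/service_token",
            {"Content-Type": "application/json"},
            {"key_id": self._key_id, "key_secret": self._key_secret})
        if status != 200:
            # Bad or revoked key: fail loudly and keep the secret out of the message.
            raise PermissionError(f"service token request failed: HTTP {status}")
        self._token = body["bearer_token"]

    def get_events(self):
        if self._token is None:
            self._authenticate()
        for attempt in range(2):  # first try plus a single retry after re-auth
            status, body = self._send(
                "GET", f"{BASE}/{self.team}/auditsV2",
                {"Authorization": f"Bearer {self._token}"})
            if status == 401 and attempt == 0:
                self._authenticate()  # token expired or revoked: request a new one
                continue
            if status != 200:
                raise RuntimeError(f"audit request failed: HTTP {status}")
            return body.get("list", [])
```

The retry is capped at one so that a key whose token is rejected repeatedly surfaces as an error instead of looping against the API.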

Permissions

The permissions of an ASA User are determined by their ASA Group membership. Each ASA Group to which an ASA User belongs implies permissions through Team-wide Roles and Project membership.

Create a group, assign it to a user, and give it the “reporting” permission only. That permission will be enough to extract audit events.

Run the collector

Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (Cloud collector), or deploy and host the collector on your own machine using a Docker image (On-premise collector).