Log Streaming

The Log Streaming API provides operations to manage log stream configurations for an org. You can configure up to two log stream integrations per org.

List all Log Streams
OAuth 2.0: okta.logStreams.read

Lists all Log Stream objects in your org. You can request a paginated list or a subset of Log Streams that match a supported filter expression.

Request
query Parameters
after
string

The cursor to use for pagination. It is an opaque string that specifies your current location in the list and is obtained from the Link response header. See Pagination for more information.

limit
integer [ 1 .. 200 ]
Default: 20

A limit on the number of objects to return.

filter
string

An expression that filters the returned objects. You can only use the eq operator on either the status or type properties in the filter expression.

Example: filter=type eq "aws_eventbridge"
Responses
200

OK

403

Forbidden

429

Too Many Requests

get/api/v1/logStreams
Request samples
Response samples
application/json
[]

Create a Log Stream
OAuth 2.0: okta.logStreams.manage

Creates a new Log Stream object

Request
Request Body schema: application/json
name
required
string (LogStreamName)

Unique name for the Log Stream object

type
required
string (LogStreamType)

Specifies the streaming provider used

Supported providers:

Select the provider type to see provider-specific configurations in the settings property:

required
object (LogStreamSettingsAws)

Specifies the configuration for the aws_eventbridge Log Stream type. This configuration can't be modified after creation.

accountId
required
string (AwsAccountId) = 12 characters

Your AWS account ID

eventSourceName
required
string (AwsEventSourceName) [ 1 .. 75 ] characters ^[a-zA-Z0-9.\-_]$

An alphanumeric name (no spaces) to identify this event source in AWS EventBridge

region
required
string (AwsRegion)

The destination AWS region where your event source is located

Enum: "ap-northeast-1" "ap-northeast-2" "ap-northeast-3" "ap-south-1" "ap-southeast-1" "ap-southeast-2" "ca-central-1" "eu-central-1" "eu-north-1" "eu-west-1" "eu-west-2" "eu-west-3" "sa-east-1" "us-east-1" "us-east-2" "us-west-1" "us-west-2"
Responses
200

Success

400

Bad Request

403

Forbidden

429

Too Many Requests

post/api/v1/logStreams
Request samples
application/json
{
  • "type": "aws_eventbridge",
  • "name": "Example AWS EventBridge",
  • "settings": {
    • "eventSourceName": "your-event-source-name",
    • "accountId": "123456789012",
    • "region": "us-east-2"
    }
}
Response samples
application/json
{}

Retrieve a Log Stream
OAuth 2.0: okta.logStreams.read

Retrieves a Log Stream object by ID

Request
path Parameters
logStreamId
required
string

Unique identifier for the Log Stream

Example: 0oa1orzg0CHSgPcjZ0g4
Responses
200

OK

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/logStreams/{logStreamId}
Request samples
Response samples
application/json
{}

Replace a Log Stream
OAuth 2.0: okta.logStreams.manage

Replaces the Log Stream object properties for a given ID.

This operation is typically used to update the configuration of a Log Stream. Depending on the type of Log Stream you want to update, certain properties can't be modified after the Log Stream is initially created. Use the Retrieve the Log Stream Schema for the schema type request to determine which properties you can update for the specific Log Stream type. Log Stream properties with the "writeOnce" : true attribute can't be updated after creation. You must still specify these writeOnce properties in the request body with the original values in the PUT request.

Note: You don't have to specify properties that have both the "writeOnce": true and the "writeOnly": true attributes in the PUT request body. These property values are ignored even if you add them in the PUT request body.

Request
path Parameters
logStreamId
required
string

Unique identifier for the Log Stream

Example: 0oa1orzg0CHSgPcjZ0g4
Request Body schema: application/json
name
required
string (LogStreamName)

Unique name for the Log Stream object

type
required
string (LogStreamType)

Specifies the streaming provider used

Supported providers:

Select the provider type to see provider-specific configurations in the settings property:

required
object (LogStreamSettingsAws)

Specifies the configuration for the aws_eventbridge Log Stream type. This configuration can't be modified after creation.

accountId
required
string (AwsAccountId) = 12 characters

Your AWS account ID

eventSourceName
required
string (AwsEventSourceName) [ 1 .. 75 ] characters ^[a-zA-Z0-9.\-_]$

An alphanumeric name (no spaces) to identify this event source in AWS EventBridge

region
required
string (AwsRegion)

The destination AWS region where your event source is located

Enum: "ap-northeast-1" "ap-northeast-2" "ap-northeast-3" "ap-south-1" "ap-southeast-1" "ap-southeast-2" "ca-central-1" "eu-central-1" "eu-north-1" "eu-west-1" "eu-west-2" "eu-west-3" "sa-east-1" "us-east-1" "us-east-2" "us-west-1" "us-west-2"
Responses
200

OK

400

Bad Request

403

Forbidden

404

Not Found

429

Too Many Requests

put/api/v1/logStreams/{logStreamId}
Request samples
application/json
{
  • "type": "aws_eventbridge",
  • "name": "Updated AWS EventBridge",
  • "settings": {
    • "eventSourceName": "your-event-source-name",
    • "accountId": "123456789012",
    • "region": "us-east-2"
    }
}
Response samples
application/json
{}

Delete a Log Stream
OAuth 2.0: okta.logStreams.manage

Deletes a Log Stream object from your org by ID

Request
path Parameters
logStreamId
required
string

Unique identifier for the Log Stream

Example: 0oa1orzg0CHSgPcjZ0g4
Responses
204

No Content

403

Forbidden

404

Not Found

429

Too Many Requests

delete/api/v1/logStreams/{logStreamId}
Request samples
Response samples
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}

Activate a Log Stream
OAuth 2.0: okta.logStreams.manage

Activates a log stream by logStreamId

Request
path Parameters
logStreamId
required
string

Unique identifier for the Log Stream

Example: 0oa1orzg0CHSgPcjZ0g4
Responses
200

OK

403

Forbidden

404

Not Found

429

Too Many Requests

post/api/v1/logStreams/{logStreamId}/lifecycle/activate
Request samples
Response samples
application/json
{}

Deactivate a Log Stream
OAuth 2.0: okta.logStreams.manage

Deactivates a log stream by logStreamId

Request
path Parameters
logStreamId
required
string

Unique identifier for the Log Stream

Example: 0oa1orzg0CHSgPcjZ0g4
Responses
200

OK

403

Forbidden

404

Not Found

429

Too Many Requests

post/api/v1/logStreams/{logStreamId}/lifecycle/deactivate
Request samples
Response samples
application/json
{}