Techniques
Sample rules
Okta API Token Created
- source: sigma
- technicques:
Description
Detects when a API token is created
Detection logic
condition: selection
selection:
eventtype: system.api_token.create
LoFP
/
legitimate creation of an api token by authorized usersDetects when a API token is created
condition: selection
selection:
eventtype: system.api_token.create