- Introduction to Context Management
- Onboarding a Context Table
- Custom Context Tables
- Create a Custom Context Table by Importing a CSV File
- Create a Custom Context Table Using the Add Custom Option
- Working with Filtered Context Tables
- View and Interact with a Custom or Filtered Context Table
- View the Details Panel for a Custom or Filtered Context Table
- Edit the Configuration of Custom or Filtered Context Tables
- Active Directory Context Tables
- Prerequisites to Onboard an Active Directory Context Table
- Create an Active Directory Context Table
- View and Interact with an Active Directory Context Table
- View the Details Panel for an Active Directory Context Table
- Edit the Configuration of an Active Directory Context Table
- Default Active Directory Attribute Mapping
- Microsoft Entra ID Context Tables
- Prerequisites to Onboard a Microsoft Entra ID Context Table
- Create a Microsoft Entra ID Context Table
- View and Interact with a Microsoft Entra ID Context Table
- View the Details Panel for a Microsoft Entra ID Context Table
- Edit the Configuration of a Microsoft Entra ID Context Table
- Default Microsoft Entra ID Attribute Mapping
- Okta Context Tables
- Custom Context Tables
- Add Data to an Existing Context Table
- Using Context Data in Downstream Applications
- Built-In Threat Intelligence Context Tables
- Context Management APIs
- Troubleshooting Context Management
Create an Okta Context Table
Before beginning this procedure, review the prerequisites.
To onboard an Okta context table:
Log into the Exabeam Security Operations Platform with your registered credentials.
Find the Security Management tab and click the Context Management tile.
Navigate to the Context Library tab and click Okta. The Okta Context Table panel opens.
In the Configuration section, complete the Definition step by entering the following information:
Context Table Name – Enter a name for the new Okta context table you're creating.
Okta Collector – In the Data Source section, choose a data source for your new context table. The drop down menu displays a list of the Okta Context cloud collectors that are currently configured and running in the Exabeam Cloud Collectors service. In the list, select a collector from which your new context table will process user attribute data.
If no Okta Context cloud collectors are listed, follow the steps in the Okta Context Cloud Collector section of the Cloud Collector Administration Guide.
Click Next.
In the Review Attributes step, review the mapping of available Okta attributes to the target attributes in the new context table you are creating.
The attribute mapping table has the following columns (as shown in the image below):
– Shows whether a specific attribute is visible as a column in the context table. Use the icon next to each attribute to toggle the display on or off.Source Attribute – Shows a default set of attributes available from your Okta application. Some source attributes are listed simply as Calculated attribute. These are attributes that are calculated, either in format or in value. Hover over the Calculated attribute tag in the Source Attribute column to view a description of the attribute and its calculation.
Target Attribute – The Target Attributes column shows the Exabeam common user information model attributes that are mapped to the AD attributes in your context table. For an easy-to-read table of the default attribute mapping, see Default Okta Attribute Mapping.
– Indicates that an attribute is designated as the key attribute for the context table. The designated key and its mapping cannot be changed.
– Indicates that an attribute and its mapping cannot be changed.
You can modify the mapping of Okta attributes, that are not key or locked attributes, in the following ways:
Hover over an attribute row where you want to change the mapping.
Click the delete icon (
) to remove the currently mapped target attribute.Then click Add Target Attributes and do one of the following:
Search for and select an existing target attribute to map it as the target.
Click Add Custom Attribute, enter a new attribute name, and click the plus icon (
) to add it to the list of available target attributes. It will be added with a custom icon (
) to the left of the attribute name. Then select the newly created target attribute to map it.
When you are satisfied with the attribute mapping, click Create to onboard the new Okta context table. A success message is displayed.
Click Go to Overview to return to the Overview tab that lists all the context tables currently available. The new context table should appear in the list. When you open the table, it displays the user objects processed from the source Cloud Collector (it does not include asset objects).