OneLogin is a cloud-based identity and access management (IAM) provider. This integration allows you to ship logs from your OneLogin account to your Logz.io account.

Before you begin, you’ll need:

  • An active account with OneLogin
  • An actie account with Logz.io
Login to your OneLogin account

Log in to your OneLogin account as admin.

Open the New broadcaster dialog

Navigate to Developers > Webhooks > New broadcaster.

Fill out the New broadcaster dialog

New-broadcaster

  • In the Title field, enter logzio.

  • In the Format field, select SIEM (NDJSON).

  • In the Listener URL field, enter https://<<LISTENER-HOST>>:8071/?token=<<LOG-SHIPPING-TOKEN>>&type=onelogin. Replace <<LISTENER-HOST>> with the host for your region. For example, listener.logz.io if your account is hosted on AWS US East, or listener-nl.logz.io if hosted on Azure West Europe. Your Logz.io log shipping token directs the data securely to your Logz.io Log Management account. The default token is auto-populated in the examples when you’re logged into the Logz.io app as an Admin. Manage your tokens.

Save changes

When everything is filled out, click Save.

Check Logz.io for your logs

Give your logs some time to get from your system to ours, and then open Kibana. You can search for type:onelogin to filter for your OneLogin logs.

If you still don’t see your logs, see log shipping troubleshooting.