Best Practice for Duo Security Users Load – oomnitza

The best practice for the Duo Security user load provides you with the information that you need to complete and run the integration successfully, and gain visibility of the data that is ingested by Oomnitza.

The following items are in the package:

Credentials
- Duo Security Integrations Load
Integration
- Duo Security Users Load
Role
- Users Integration User

For the integration to run, information such as authorization and integration values, must be added or updated.

Best practice
For the integration with Oomnitza, create a dedicated user account.

The user that you create for the integration with Oomnitza, must have the correct scopes.

You must make the following updates:

Credentials
When the integration was migrated, only the shell of the credentials were created. Click the credentials for the Duo Security user load, and enter your token ID and secret key.
Integration Preferences
On the Connect page for the integration, make the following changes:
- Change the value selected for Integration preference. If this is the first time that you have run the integration, select Create & Update.
- To identify who made the integration changes, add a valid username in the Integration user field.
- Enter the unique hex value of your domain: api-xxxxxx.duosecurity.com.
- On the Mappings page, click Edit Connector. You can add rules to exclude the user records that you don't want to monitor such as system users and bots.
Workflow
By default, the workflow for Duo Security is deactivated. You must activate the workflow if you want the workflow to retrieve user roles.