demisto · BEAdi · Oct 30, 2023 · Oct 30, 2023 · Oct 30, 2023
diff --git a/Packs/Okta/Integrations/OktaEventCollector/OktaEventCollector.py b/Packs/Okta/Integrations/OktaEventCollector/OktaEventCollector.py
@@ -112,14 +112,14 @@ def aggregated_results(self, last_object_ids: List[str] = None) -> List[dict]:
         return stored_events
 
     @staticmethod
-    def get_last_run(events: List[dict]) -> dict:
+    def get_last_run(events: List[dict], last_run_after) -> dict:
         """
         Get the info from the last run, it returns the time to query from and a list of ids to prevent duplications
         """
 
         ids = []
         # gets the last event time
-        last_time = events[-1].get('published')
+        last_time = events[-1].get('published') if events else last_run_after
         for event in reversed(events):
             if event.get('published') != last_time:
                 break
@@ -148,10 +148,10 @@ def main():  # pragma: no cover
         last_run = demisto.getLastRun()
         last_object_ids = last_run.get('ids')
         if 'after' not in last_run:
-            last_run = after.isoformat()  # type: ignore
+            last_run_after = after.isoformat()  # type: ignore
         else:
-            last_run = last_run['after']
-        demisto_params['params'] = ReqParams(**demisto_params, since=last_run)
+            last_run_after = last_run['after']
+        demisto_params['params'] = ReqParams(**demisto_params, since=last_run_after)
 
         request = Request(**demisto_params)
 
@@ -178,7 +178,7 @@ def main():  # pragma: no cover
         elif command == 'fetch-events':
             events = get_events.aggregated_results(last_object_ids=last_object_ids)
             send_events_to_xsiam(events[:events_limit], vendor=VENDOR, product=PRODUCT)
-            demisto.setLastRun(GetEvents.get_last_run(events))
+            demisto.setLastRun(GetEvents.get_last_run(events, last_run_after))
 
     except Exception as e:
         return_error(f'Failed to execute {demisto.command()} command. Error: {str(e)}')

diff --git a/Packs/Okta/Integrations/OktaEventCollector/OktaEventCollector.yml b/Packs/Okta/Integrations/OktaEventCollector/OktaEventCollector.yml
@@ -69,7 +69,7 @@ script:
       required: true
     description: Manual command to fetch events and display them.
     name: okta-get-events
-  dockerimage: demisto/fastapi:1.0.0.68930
+  dockerimage: demisto/fastapi:1.0.0.79360
   isfetchevents: true
   subtype: python3
 marketplaces:

diff --git a/Packs/Okta/Integrations/OktaEventCollector/OktaEventCollector_description.md b/Packs/Okta/Integrations/OktaEventCollector/OktaEventCollector_description.md
@@ -14,7 +14,7 @@ Okta Events collector XSIAM
 ## Step by step configuration
 
 **Server URL** - `https://<domain>.com/api/v1/logs` (where `domain` is your domain name). To get help finding your domain, see:  
-https://developer.okta.com/docs/guides/find-your-domain/main/  
+[https://developer.okta.com/docs/guides/find-your-domain/main/](https://developer.okta.com/docs/guides/find-your-domain/main/)  
 **API key** - your API key 
 **Number of incidents to fetch per fetch** - 100  
 **Events fetch  interval** - 01 Minutes 

diff --git a/Packs/Okta/Integrations/OktaEventCollector/OktaEventCollector_test.py b/Packs/Okta/Integrations/OktaEventCollector/OktaEventCollector_test.py
@@ -30,24 +30,30 @@ def test_remove_duplicates(events, ids, result):
     assert get_events.remove_duplicates(events, ids) == result
 
 
-@pytest.mark.parametrize("events,result", [
+@pytest.mark.parametrize("events,last_run_after,result", [
     ([{'published': '2022-04-17T12:31:36.667',
        'uuid': '1d0844b6-3148-11ec-9027-a5b57ec5faaa'},
       {'published': '2022-04-17T12:32:36.667',
        'uuid': '1d0844b6-3148-11ec-9027-a5b57ec5fbbb'},
       {'published': '2022-04-17T12:33:36.667',
        'uuid': '1d0844b6-3148-11ec-9027-a5b57ec5fccc'}],
+     '2022-04-17T11:30:00.000',
      {'after': '2022-04-17T12:33:36.667000', 'ids': ['1d0844b6-3148-11ec-9027-a5b57ec5fccc']}),
     ([{'published': '2022-04-17T12:31:36.667',
        'uuid': '1d0844b6-3148-11ec-9027-a5b57ec5faaa'},
       {'published': '2022-04-17T12:32:36.667',
        'uuid': '1d0844b6-3148-11ec-9027-a5b57ec5fbbb'},
       {'published': '2022-04-17T12:32:36.667',
-       'uuid': '1d0844b6-3148-11ec-9027-a5b57ec5fccc'}], {'after': '2022-04-17T12:32:36.667000',
-                                                          'ids': ['1d0844b6-3148-11ec-9027-a5b57ec5fccc',
-                                                                  '1d0844b6-3148-11ec-9027-a5b57ec5fbbb']})])
-def test_get_last_run(events, result):
-    assert get_events.get_last_run(events) == result
+       'uuid': '1d0844b6-3148-11ec-9027-a5b57ec5fccc'}],
+     '2022-04-17T11:30:00.000',
+     {'after': '2022-04-17T12:32:36.667000',
+      'ids': ['1d0844b6-3148-11ec-9027-a5b57ec5fccc',
+              '1d0844b6-3148-11ec-9027-a5b57ec5fbbb']}),
+    ([],
+     '2022-04-17T12:31:36.667',
+     {'after': '2022-04-17T12:31:36.667000', 'ids': []})])
+def test_get_last_run(events, last_run_after, result):
+    assert get_events.get_last_run(events, last_run_after) == result
 
 
 @pytest.mark.parametrize("time", ['2022-04-17T12:32:36.667)'])

diff --git a/Packs/Okta/ReleaseNotes/3_2_2.md b/Packs/Okta/ReleaseNotes/3_2_2.md
@@ -0,0 +1,4 @@
+#### Integrations
+##### Okta Event Collector
+- Fixed an issue where fetching events didn't work when there were no events.
+- Updated the Docker image to: *demisto/fastapi:1.0.0.79360*.
diff --git a/Packs/Okta/pack_metadata.json b/Packs/Okta/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Okta",
     "description": "Integration with Okta's cloud-based identity management service.",
     "support": "xsoar",
-    "currentVersion": "3.2.1",
+    "currentVersion": "3.2.2",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",