diff --git a/api/proto/teleport/legacy/types/events/events.proto b/api/proto/teleport/legacy/types/events/events.proto
index 3e2c952973dbb..92f0a7f58f05c 100644
--- a/api/proto/teleport/legacy/types/events/events.proto
+++ b/api/proto/teleport/legacy/types/events/events.proto
@@ -77,6 +77,9 @@ enum UserKind {
 
   // Indicates the user associated with this event is a Machine ID bot user.
   USER_KIND_BOT = 2;
+
+  // Indicates that the user associated with this event is a system component e.g. Okta service.
+  USER_KIND_SYSTEM = 3;
 }
 
 // UserOrigin is the origin of a user account.
diff --git a/api/types/events/events.pb.go b/api/types/events/events.pb.go
index b5bc65bfa5626..a964b84ac1508 100644
--- a/api/types/events/events.pb.go
+++ b/api/types/events/events.pb.go
@@ -45,18 +45,22 @@ const (
 	UserKind_USER_KIND_HUMAN UserKind = 1
 	// Indicates the user associated with this event is a Machine ID bot user.
 	UserKind_USER_KIND_BOT UserKind = 2
+	// Indicates that the user associated with this event is a system component e.g. Okta service.
+	UserKind_USER_KIND_SYSTEM UserKind = 3
 )
 
 var UserKind_name = map[int32]string{
 	0: "USER_KIND_UNSPECIFIED",
 	1: "USER_KIND_HUMAN",
 	2: "USER_KIND_BOT",
+	3: "USER_KIND_SYSTEM",
 }
 
 var UserKind_value = map[string]int32{
 	"USER_KIND_UNSPECIFIED": 0,
 	"USER_KIND_HUMAN":       1,
 	"USER_KIND_BOT":         2,
+	"USER_KIND_SYSTEM":      3,
 }
 
 func (x UserKind) String() string {
@@ -17012,7 +17016,7 @@ func init() {
 }
 
 var fileDescriptor_007ba1c3d6266d56 = []byte{
-	// 18789 bytes of a gzipped FileDescriptorProto
+	// 18798 bytes of a gzipped FileDescriptorProto
 	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0xfd, 0x7b, 0x78, 0x25, 0xc9,
 	0x75, 0x18, 0x86, 0xe3, 0x3e, 0x70, 0x01, 0x1c, 0x3c, 0xe6, 0x4e, 0xcd, 0xab, 0x67, 0x76, 0x76,
 	0xef, 0x6e, 0xef, 0x72, 0x38, 0xb3, 0xdc, 0x9d, 0xd9, 0x9d, 0x7d, 0x90, 0xfb, 0x20, 0x97, 0x17,
@@ -18144,50 +18148,50 @@ var fileDescriptor_007ba1c3d6266d56 = []byte{
 	0x38, 0xa6, 0x41, 0x0f, 0x71, 0x51, 0x39, 0x38, 0x7b, 0x58, 0xee, 0xb0, 0xe2, 0x1e, 0x3d, 0x62,
 	0x77, 0x26, 0xae, 0x43, 0x4c, 0x62, 0xf3, 0xde, 0x12, 0xd7, 0x8f, 0xe7, 0xe1, 0x74, 0xc3, 0x5c,
 	0x76, 0x3d, 0xdb, 0xa1, 0x0b, 0x18, 0xb1, 0xe3, 0x58, 0x93, 0x32, 0x45, 0x73, 0x88, 0xb9, 0xa2,
-	0xde, 0xeb, 0xa2, 0x39, 0x1e, 0x50, 0x1c, 0xff, 0xf4, 0x2c, 0xbf, 0x0d, 0xbf, 0x65, 0x5a, 0x06,
-	0x39, 0x0f, 0x67, 0x6e, 0x37, 0x26, 0xb5, 0xe6, 0xad, 0xfa, 0x5c, 0xad, 0x79, 0x7b, 0xae, 0xb1,
-	0x30, 0x39, 0x51, 0x9f, 0xaa, 0x4f, 0xd6, 0xca, 0x7d, 0xe4, 0x14, 0x9c, 0x08, 0x51, 0xd3, 0xb7,
-	0x67, 0xab, 0x73, 0xe5, 0x1c, 0x39, 0x09, 0xa3, 0x21, 0x70, 0x7c, 0x7e, 0xb1, 0x9c, 0x7f, 0xfa,
-	0x27, 0x72, 0x00, 0x8c, 0xdf, 0xbc, 0x63, 0x2e, 0x9b, 0x16, 0x79, 0x04, 0xce, 0x21, 0xc5, 0xbc,
-	0x56, 0xbf, 0x51, 0x9f, 0x8b, 0xf1, 0x3c, 0x03, 0x27, 0x65, 0xe4, 0xcc, 0xfc, 0x44, 0x75, 0xa6,
-	0x9c, 0x0b, 0xaa, 0x12, 0xe0, 0x46, 0x63, 0xbe, 0x9c, 0x27, 0xa7, 0xa1, 0x2c, 0x03, 0xe7, 0x6f,
-	0x2d, 0x56, 0xcb, 0x85, 0x38, 0xb4, 0x31, 0x51, 0x9f, 0x2d, 0x17, 0xc9, 0x39, 0x38, 0x25, 0x43,
-	0x27, 0xe7, 0x16, 0xb5, 0x6a, 0xbd, 0x56, 0xee, 0x7f, 0xfa, 0x83, 0x30, 0x8c, 0xb1, 0x83, 0xc4,
-	0xde, 0x79, 0x04, 0x06, 0xe7, 0xc7, 0x1b, 0x93, 0xda, 0x1d, 0x6c, 0x0d, 0x40, 0xa9, 0x36, 0x39,
-	0xc7, 0x5a, 0x96, 0x7b, 0xfa, 0xff, 0xca, 0x01, 0x34, 0xa6, 0x16, 0x17, 0x04, 0xe1, 0x30, 0x0c,
-	0xd4, 0xe7, 0xee, 0x54, 0x67, 0xea, 0x8c, 0x6e, 0x10, 0x8a, 0xf3, 0x0b, 0x93, 0xec, 0xf3, 0x87,
-	0xa0, 0x7f, 0x62, 0x66, 0xbe, 0x31, 0x59, 0xce, 0x33, 0xa0, 0x36, 0x59, 0xad, 0x95, 0x0b, 0x0c,
-	0x78, 0x57, 0xab, 0x2f, 0x4e, 0x96, 0x8b, 0xec, 0xcf, 0x99, 0xc6, 0x62, 0x75, 0xb1, 0xdc, 0xcf,
-	0xfe, 0x9c, 0xc2, 0x3f, 0x4b, 0x8c, 0x59, 0x63, 0x72, 0x11, 0x7f, 0x0c, 0xb0, 0x26, 0x4c, 0xf9,
-	0xbf, 0x06, 0x19, 0x8a, 0xb1, 0xae, 0xd5, 0xb5, 0xf2, 0x10, 0xfb, 0xc1, 0x58, 0xb2, 0x1f, 0xc0,
-	0x1a, 0xa7, 0x4d, 0xce, 0xce, 0xdf, 0x99, 0x2c, 0x0f, 0x33, 0x5e, 0xb3, 0xb7, 0x18, 0x78, 0x84,
-	0xfd, 0xa9, 0xcd, 0xb2, 0x3f, 0x47, 0x19, 0x27, 0x6d, 0xb2, 0x3a, 0xb3, 0x50, 0x5d, 0x9c, 0x2e,
-	0x8f, 0xb1, 0xf6, 0x20, 0xcf, 0x13, 0xbc, 0xe4, 0x5c, 0x75, 0x76, 0xb2, 0x5c, 0x16, 0x34, 0xb5,
-	0x99, 0xfa, 0xdc, 0xad, 0xf2, 0x49, 0x6c, 0xc8, 0x5b, 0xb3, 0xf8, 0x83, 0xb0, 0x02, 0xf8, 0xd7,
-	0xa9, 0xa7, 0xbf, 0x0b, 0x4a, 0xf3, 0x0d, 0xbc, 0xc5, 0x3f, 0x07, 0xa7, 0xe6, 0x1b, 0xcd, 0xc5,
-	0xb7, 0x16, 0x26, 0x63, 0x1d, 0x77, 0x12, 0x46, 0x7d, 0xc4, 0x4c, 0x7d, 0xee, 0xf6, 0x9b, 0x5c,
-	0x15, 0x7c, 0xd0, 0x6c, 0x75, 0x62, 0xbe, 0x51, 0xce, 0xb3, 0x7e, 0xf4, 0x41, 0x77, 0xeb, 0x73,
-	0xb5, 0xf9, 0xbb, 0x8d, 0x72, 0xe1, 0xe9, 0xfb, 0x30, 0x52, 0xa3, 0xf7, 0xcd, 0x16, 0x15, 0x0a,
-	0xf2, 0x28, 0x9c, 0xaf, 0x4d, 0xde, 0xa9, 0x4f, 0x4c, 0x66, 0xaa, 0x48, 0x14, 0x5d, 0x5d, 0xa8,
-	0x97, 0x73, 0xe4, 0x2c, 0x90, 0x28, 0xf8, 0x66, 0x75, 0x76, 0xaa, 0x9c, 0x27, 0x0a, 0x9c, 0x8e,
-	0xc2, 0xeb, 0x73, 0x8b, 0xb7, 0xe7, 0x26, 0xcb, 0x85, 0xa7, 0xff, 0x76, 0x0e, 0xce, 0xa4, 0x66,
-	0x02, 0x27, 0x2a, 0x3c, 0x36, 0x39, 0x53, 0x6d, 0x2c, 0xd6, 0x27, 0x1a, 0x93, 0x55, 0x6d, 0x62,
-	0xba, 0x39, 0x51, 0x5d, 0x9c, 0xbc, 0x31, 0xaf, 0xbd, 0xd5, 0xbc, 0x31, 0x39, 0x37, 0xa9, 0x55,
-	0x67, 0xca, 0x7d, 0xe4, 0x49, 0xa8, 0x64, 0xd0, 0x34, 0x26, 0x27, 0x6e, 0x6b, 0xf5, 0xc5, 0xb7,
-	0xca, 0x39, 0xf2, 0x04, 0x3c, 0x9a, 0x49, 0xc4, 0x7e, 0x97, 0xf3, 0xe4, 0x31, 0xb8, 0x90, 0x45,
-	0xf2, 0x89, 0x99, 0x72, 0xe1, 0xe9, 0x1f, 0xcf, 0x01, 0x49, 0xa6, 0x72, 0x26, 0x8f, 0xc3, 0x45,
-	0xa6, 0x17, 0xcd, 0xec, 0x06, 0x3e, 0x01, 0x8f, 0xa6, 0x52, 0x48, 0xcd, 0xab, 0xc0, 0x23, 0x19,
-	0x24, 0xa2, 0x71, 0x17, 0x41, 0x49, 0x27, 0xc0, 0xa6, 0xfd, 0x42, 0x0e, 0xce, 0xa4, 0x86, 0xd3,
-	0x20, 0x97, 0xe1, 0xa9, 0x6a, 0x6d, 0x96, 0xf5, 0xcd, 0xc4, 0x62, 0x7d, 0x7e, 0xae, 0xd1, 0x9c,
-	0x9d, 0xaa, 0x36, 0x99, 0xf6, 0xdd, 0x6e, 0xc4, 0x7a, 0xf3, 0x12, 0xa8, 0x3d, 0x28, 0x27, 0xa6,
-	0xab, 0x73, 0x37, 0xd8, 0xf0, 0x23, 0x4f, 0xc1, 0xe3, 0x99, 0x74, 0x93, 0x73, 0xd5, 0xf1, 0x99,
-	0xc9, 0x5a, 0x39, 0x4f, 0x3e, 0x00, 0x4f, 0x64, 0x52, 0xd5, 0xea, 0x0d, 0x4e, 0x56, 0x78, 0x5a,
-	0x8f, 0x5c, 0xf2, 0xb2, 0xaf, 0x9c, 0x98, 0x9f, 0x5b, 0xac, 0x4e, 0x2c, 0xa6, 0x69, 0xf6, 0x79,
-	0x38, 0x13, 0xc1, 0x8e, 0xdf, 0x6e, 0xd4, 0xe7, 0x26, 0x1b, 0x8d, 0x72, 0x2e, 0x81, 0x0a, 0x44,
-	0x9b, 0x1f, 0xaf, 0x7d, 0xeb, 0x7f, 0x7c, 0xac, 0xef, 0x5b, 0x7f, 0xfa, 0x58, 0xee, 0xf7, 0xff,
-	0xf4, 0xb1, 0xdc, 0xbf, 0xfe, 0xd3, 0xc7, 0x72, 0x9f, 0xbc, 0xbe, 0x9b, 0x2c, 0xe0, 0x7c, 0xca,
-	0x5e, 0x2a, 0xe1, 0x3d, 0xdb, 0x0b, 0xff, 0x5f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xb3, 0xfc, 0xdb,
-	0x68, 0xce, 0xb2, 0x01, 0x00,
+	0xde, 0xeb, 0xa2, 0x39, 0x1e, 0x50, 0x1c, 0xff, 0x74, 0x8b, 0xdf, 0x86, 0xdf, 0x32, 0x2d, 0x83,
+	0x9c, 0x87, 0x33, 0xb7, 0x1b, 0x93, 0x5a, 0xf3, 0x56, 0x7d, 0xae, 0xd6, 0xbc, 0x3d, 0xd7, 0x58,
+	0x98, 0x9c, 0xa8, 0x4f, 0xd5, 0x27, 0x6b, 0xe5, 0x3e, 0x72, 0x0a, 0x4e, 0x84, 0xa8, 0xe9, 0xdb,
+	0xb3, 0xd5, 0xb9, 0x72, 0x8e, 0x9c, 0x84, 0xd1, 0x10, 0x38, 0x3e, 0xbf, 0x58, 0xce, 0x93, 0xd3,
+	0x50, 0x0e, 0x41, 0x8d, 0xb7, 0x1a, 0x8b, 0x93, 0xb3, 0xe5, 0xc2, 0xd3, 0x3f, 0x91, 0x03, 0x60,
+	0xb5, 0xcc, 0x3b, 0xe6, 0xb2, 0x69, 0x91, 0x47, 0xe0, 0x1c, 0x12, 0xcd, 0x6b, 0xf5, 0x1b, 0xf5,
+	0xb9, 0x58, 0x4d, 0x67, 0xe0, 0xa4, 0x8c, 0x9c, 0x99, 0x9f, 0xa8, 0xce, 0x94, 0x73, 0x41, 0x03,
+	0x04, 0xb8, 0xd1, 0x98, 0x97, 0x6a, 0x13, 0xc0, 0xf9, 0x5b, 0x8b, 0xd5, 0x72, 0x21, 0x0e, 0x6d,
+	0x4c, 0xd4, 0x67, 0xcb, 0x45, 0x72, 0x0e, 0x4e, 0xc9, 0xd0, 0xc9, 0xb9, 0x45, 0xad, 0x5a, 0xaf,
+	0x95, 0xfb, 0x9f, 0xfe, 0x20, 0x0c, 0x63, 0x44, 0x21, 0xb1, 0xa3, 0x1e, 0x81, 0xc1, 0xf9, 0xf1,
+	0xc6, 0xa4, 0x76, 0x07, 0x5b, 0x03, 0x50, 0xaa, 0x4d, 0xce, 0xb1, 0x96, 0xe5, 0x9e, 0xfe, 0xbf,
+	0x72, 0x00, 0x8d, 0xa9, 0xc5, 0x05, 0x41, 0x38, 0x0c, 0x03, 0xf5, 0xb9, 0x3b, 0xd5, 0x99, 0x3a,
+	0xa3, 0x1b, 0x84, 0xe2, 0xfc, 0xc2, 0x24, 0x13, 0xca, 0x10, 0xf4, 0x4f, 0xcc, 0xcc, 0x37, 0x26,
+	0xcb, 0x79, 0x06, 0xd4, 0x26, 0xab, 0xb5, 0x72, 0x81, 0x01, 0xef, 0x6a, 0xf5, 0xc5, 0xc9, 0x72,
+	0x91, 0xfd, 0x39, 0xd3, 0x58, 0xac, 0x2e, 0x96, 0xfb, 0xd9, 0x9f, 0x53, 0xf8, 0x67, 0x89, 0x31,
+	0x6b, 0x4c, 0x2e, 0xe2, 0x8f, 0x01, 0xd6, 0x84, 0x29, 0xff, 0xd7, 0x20, 0x43, 0x31, 0xd6, 0xb5,
+	0xba, 0x56, 0x1e, 0x62, 0x3f, 0x18, 0x4b, 0xf6, 0x03, 0x58, 0xe3, 0xb4, 0xc9, 0xd9, 0xf9, 0x3b,
+	0x93, 0xe5, 0x61, 0xc6, 0x6b, 0xf6, 0x16, 0x03, 0x8f, 0xb0, 0x3f, 0xb5, 0x59, 0xf6, 0xe7, 0x28,
+	0xe3, 0xa4, 0x4d, 0x56, 0x67, 0x16, 0xaa, 0x8b, 0xd3, 0xe5, 0x31, 0xd6, 0x1e, 0xe4, 0x79, 0x82,
+	0x97, 0x9c, 0xab, 0xce, 0x4e, 0x96, 0xcb, 0x82, 0xa6, 0x36, 0x53, 0x9f, 0xbb, 0x55, 0x3e, 0x89,
+	0x0d, 0x79, 0x6b, 0x16, 0x7f, 0x10, 0x56, 0x00, 0xff, 0x3a, 0xf5, 0xf4, 0x77, 0x41, 0x69, 0xbe,
+	0x81, 0x77, 0xfb, 0xe7, 0xe0, 0xd4, 0x7c, 0xa3, 0xb9, 0xf8, 0xd6, 0xc2, 0x64, 0xac, 0xe3, 0x4e,
+	0xc2, 0xa8, 0x8f, 0x98, 0xa9, 0xcf, 0xdd, 0x7e, 0x93, 0x2b, 0x88, 0x0f, 0x9a, 0xad, 0x4e, 0xcc,
+	0x37, 0xca, 0x79, 0xd6, 0x8f, 0x3e, 0xe8, 0x6e, 0x7d, 0xae, 0x36, 0x7f, 0xb7, 0x51, 0x2e, 0x3c,
+	0x7d, 0x1f, 0x46, 0x6a, 0xf4, 0xbe, 0xd9, 0xa2, 0x42, 0x41, 0x1e, 0x85, 0xf3, 0xb5, 0xc9, 0x3b,
+	0xf5, 0x89, 0xc9, 0x4c, 0x15, 0x89, 0xa2, 0xab, 0x0b, 0xf5, 0x72, 0x8e, 0x9c, 0x05, 0x12, 0x05,
+	0xdf, 0xac, 0xce, 0x4e, 0x95, 0xf3, 0x44, 0x81, 0xd3, 0x51, 0x78, 0x7d, 0x6e, 0xf1, 0xf6, 0xdc,
+	0x64, 0xb9, 0xf0, 0xf4, 0xdf, 0xce, 0xc1, 0x99, 0xd4, 0xfc, 0xe0, 0x44, 0x85, 0xc7, 0x26, 0x67,
+	0xaa, 0x8d, 0xc5, 0xfa, 0x44, 0x63, 0xb2, 0xaa, 0x4d, 0x4c, 0x37, 0x27, 0xaa, 0x8b, 0x93, 0x37,
+	0xe6, 0xb5, 0xb7, 0x9a, 0x37, 0x26, 0xe7, 0x26, 0xb5, 0xea, 0x4c, 0xb9, 0x8f, 0x3c, 0x09, 0x95,
+	0x0c, 0x9a, 0xc6, 0xe4, 0xc4, 0x6d, 0xad, 0xbe, 0xf8, 0x56, 0x39, 0x47, 0x9e, 0x80, 0x47, 0x33,
+	0x89, 0xd8, 0xef, 0x72, 0x9e, 0x3c, 0x06, 0x17, 0xb2, 0x48, 0x3e, 0x31, 0x53, 0x2e, 0x3c, 0xfd,
+	0xe3, 0x39, 0x20, 0xc9, 0x04, 0xcf, 0xe4, 0x71, 0xb8, 0xc8, 0xf4, 0xa2, 0x99, 0xdd, 0xc0, 0x27,
+	0xe0, 0xd1, 0x54, 0x0a, 0xa9, 0x79, 0x15, 0x78, 0x24, 0x83, 0x44, 0x34, 0xee, 0x22, 0x28, 0xe9,
+	0x04, 0xd8, 0xb4, 0x5f, 0xc8, 0xc1, 0x99, 0xd4, 0x20, 0x1b, 0xe4, 0x32, 0x3c, 0x55, 0xad, 0xcd,
+	0xb2, 0xbe, 0x99, 0x58, 0xac, 0xcf, 0xcf, 0x35, 0x9a, 0xb3, 0x53, 0xd5, 0x26, 0xd3, 0xbe, 0xdb,
+	0x8d, 0x58, 0x6f, 0x5e, 0x02, 0xb5, 0x07, 0xe5, 0xc4, 0x74, 0x75, 0xee, 0x06, 0x1b, 0x7e, 0xe4,
+	0x29, 0x78, 0x3c, 0x93, 0x6e, 0x72, 0xae, 0x3a, 0x3e, 0x33, 0x59, 0x2b, 0xe7, 0xc9, 0x07, 0xe0,
+	0x89, 0x4c, 0xaa, 0x5a, 0xbd, 0xc1, 0xc9, 0x0a, 0x4f, 0xeb, 0x91, 0xab, 0x5f, 0xf6, 0x95, 0x13,
+	0xf3, 0x73, 0x8b, 0xd5, 0x89, 0xc5, 0x34, 0xcd, 0x3e, 0x0f, 0x67, 0x22, 0xd8, 0xf1, 0xdb, 0x8d,
+	0xfa, 0xdc, 0x64, 0xa3, 0x51, 0xce, 0x25, 0x50, 0x81, 0x68, 0xf3, 0xe3, 0xb5, 0x6f, 0xfd, 0x8f,
+	0x8f, 0xf5, 0x7d, 0xeb, 0x4f, 0x1f, 0xcb, 0xfd, 0xfe, 0x9f, 0x3e, 0x96, 0xfb, 0xd7, 0x7f, 0xfa,
+	0x58, 0xee, 0x93, 0xd7, 0x77, 0x93, 0x1b, 0x9c, 0x4f, 0xe4, 0x4b, 0x25, 0xbc, 0x7d, 0x7b, 0xe1,
+	0xff, 0x0b, 0x00, 0x00, 0xff, 0xff, 0x06, 0xac, 0xa6, 0xb9, 0xe4, 0xb2, 0x01, 0x00,
 }
 
 func (m *Metadata) Marshal() (dAtA []byte, err error) {
diff --git a/gen/proto/go/prehog/v1/teleport.pb.go b/gen/proto/go/prehog/v1/teleport.pb.go
index 9e671ca3b9034..b6181b92b0237 100644
--- a/gen/proto/go/prehog/v1/teleport.pb.go
+++ b/gen/proto/go/prehog/v1/teleport.pb.go
@@ -60,6 +60,10 @@ const (
 	//
 	// PostHog property value: "bot"
 	UserKind_USER_KIND_BOT UserKind = 2
+	// Indicates that the user associated with this event is a system component e.g. Okta service.
+	//
+	// PostHog property value: "system"
+	UserKind_USER_KIND_SYSTEM UserKind = 3
 )
 
 // Enum value maps for UserKind.
@@ -68,11 +72,13 @@ var (
 		0: "USER_KIND_UNSPECIFIED",
 		1: "USER_KIND_HUMAN",
 		2: "USER_KIND_BOT",
+		3: "USER_KIND_SYSTEM",
 	}
 	UserKind_value = map[string]int32{
 		"USER_KIND_UNSPECIFIED": 0,
 		"USER_KIND_HUMAN":       1,
 		"USER_KIND_BOT":         2,
+		"USER_KIND_SYSTEM":      3,
 	}
 )
 
@@ -1171,11 +1177,12 @@ const file_prehog_v1_teleport_proto_rawDesc = "" +
 	"\x15bot_instance_activity\x18\x03 \x03(\v2$.prehog.v1.BotInstanceActivityReportR\x13botInstanceActivity\";\n" +
 	"\x1aSubmitUsageReportsResponse\x12\x1d\n" +
 	"\n" +
-	"batch_uuid\x18\x01 \x01(\fR\tbatchUuid*M\n" +
+	"batch_uuid\x18\x01 \x01(\fR\tbatchUuid*c\n" +
 	"\bUserKind\x12\x19\n" +
 	"\x15USER_KIND_UNSPECIFIED\x10\x00\x12\x13\n" +
 	"\x0fUSER_KIND_HUMAN\x10\x01\x12\x11\n" +
-	"\rUSER_KIND_BOT\x10\x02*\x9a\x01\n" +
+	"\rUSER_KIND_BOT\x10\x02\x12\x14\n" +
+	"\x10USER_KIND_SYSTEM\x10\x03*\x9a\x01\n" +
 	"\n" +
 	"UserOrigin\x12\x1b\n" +
 	"\x17USER_ORIGIN_UNSPECIFIED\x10\x00\x12\x15\n" +
diff --git a/gen/proto/go/prehog/v1alpha/teleport.pb.go b/gen/proto/go/prehog/v1alpha/teleport.pb.go
index abbc9da045838..a533b627b61d5 100644
--- a/gen/proto/go/prehog/v1alpha/teleport.pb.go
+++ b/gen/proto/go/prehog/v1alpha/teleport.pb.go
@@ -209,6 +209,10 @@ const (
 	//
 	// PostHog property value: "bot"
 	UserKind_USER_KIND_BOT UserKind = 2
+	// Indicates that the user associated with this event is a system component e.g. Okta service.
+	//
+	// PostHog property value: "system"
+	UserKind_USER_KIND_SYSTEM UserKind = 3
 )
 
 // Enum value maps for UserKind.
@@ -217,11 +221,13 @@ var (
 		0: "USER_KIND_UNSPECIFIED",
 		1: "USER_KIND_HUMAN",
 		2: "USER_KIND_BOT",
+		3: "USER_KIND_SYSTEM",
 	}
 	UserKind_value = map[string]int32{
 		"USER_KIND_UNSPECIFIED": 0,
 		"USER_KIND_HUMAN":       1,
 		"USER_KIND_BOT":         2,
+		"USER_KIND_SYSTEM":      3,
 	}
 )
 
@@ -10573,11 +10579,12 @@ const file_prehog_v1alpha_teleport_proto_rawDesc = "" +
 	"\x17RESOURCE_KIND_DB_SERVER\x10\x04\x12!\n" +
 	"\x1dRESOURCE_KIND_WINDOWS_DESKTOP\x10\x05\x12\x1e\n" +
 	"\x1aRESOURCE_KIND_NODE_OPENSSH\x10\x06\x12#\n" +
-	"\x1fRESOURCE_KIND_NODE_OPENSSH_EICE\x10\a*M\n" +
+	"\x1fRESOURCE_KIND_NODE_OPENSSH_EICE\x10\a*c\n" +
 	"\bUserKind\x12\x19\n" +
 	"\x15USER_KIND_UNSPECIFIED\x10\x00\x12\x13\n" +
 	"\x0fUSER_KIND_HUMAN\x10\x01\x12\x11\n" +
-	"\rUSER_KIND_BOT\x10\x02*\xc0\x0f\n" +
+	"\rUSER_KIND_BOT\x10\x02\x12\x14\n" +
+	"\x10USER_KIND_SYSTEM\x10\x03*\xc0\x0f\n" +
 	"\x10DiscoverResource\x12!\n" +
 	"\x1dDISCOVER_RESOURCE_UNSPECIFIED\x10\x00\x12\x1c\n" +
 	"\x18DISCOVER_RESOURCE_SERVER\x10\x01\x12 \n" +
diff --git a/gen/proto/ts/prehog/v1/teleport_pb.ts b/gen/proto/ts/prehog/v1/teleport_pb.ts
index db0b7c805fefc..84703480db885 100644
--- a/gen/proto/ts/prehog/v1/teleport_pb.ts
+++ b/gen/proto/ts/prehog/v1/teleport_pb.ts
@@ -478,7 +478,15 @@ export enum UserKind {
      *
      * @generated from protobuf enum value: USER_KIND_BOT = 2;
      */
-    BOT = 2
+    BOT = 2,
+    /**
+     * Indicates that the user associated with this event is a system component e.g. Okta service.
+     *
+     * PostHog property value: "system"
+     *
+     * @generated from protobuf enum value: USER_KIND_SYSTEM = 3;
+     */
+    SYSTEM = 3
 }
 /**
  * UserOrigin is the origin of a user account.
diff --git a/gen/proto/ts/prehog/v1alpha/teleport_pb.ts b/gen/proto/ts/prehog/v1alpha/teleport_pb.ts
index 0f81f7ef29d47..26c1c64bd02f5 100644
--- a/gen/proto/ts/prehog/v1alpha/teleport_pb.ts
+++ b/gen/proto/ts/prehog/v1alpha/teleport_pb.ts
@@ -3676,7 +3676,15 @@ export enum UserKind {
      *
      * @generated from protobuf enum value: USER_KIND_BOT = 2;
      */
-    BOT = 2
+    BOT = 2,
+    /**
+     * Indicates that the user associated with this event is a system component e.g. Okta service.
+     *
+     * PostHog property value: "system"
+     *
+     * @generated from protobuf enum value: USER_KIND_SYSTEM = 3;
+     */
+    SYSTEM = 3
 }
 /**
  * DiscoverResource represents a resource type.
diff --git a/lib/tlsca/ca.go b/lib/tlsca/ca.go
index 34f85e3bf057e..8feabd326d401 100644
--- a/lib/tlsca/ca.go
+++ b/lib/tlsca/ca.go
@@ -1244,9 +1244,15 @@ func (id Identity) GetUserMetadata() events.UserMetadata {
 		}
 	}
 
-	userKind := events.UserKind_USER_KIND_HUMAN
-	if id.BotName != "" {
+	_, systemRoleCheckErr := types.NewTeleportRoles(id.Groups)
+	var userKind events.UserKind
+	switch {
+	case id.BotName != "":
 		userKind = events.UserKind_USER_KIND_BOT
+	case len(id.SystemRoles) > 0 || systemRoleCheckErr == nil && len(id.Groups) > 0:
+		userKind = events.UserKind_USER_KIND_SYSTEM
+	default:
+		userKind = events.UserKind_USER_KIND_HUMAN
 	}
 
 	return events.UserMetadata{
diff --git a/lib/tlsca/ca_test.go b/lib/tlsca/ca_test.go
index 62e86012b3528..12775bd101ced 100644
--- a/lib/tlsca/ca_test.go
+++ b/lib/tlsca/ca_test.go
@@ -38,6 +38,7 @@ import (
 
 	"github.com/gravitational/teleport"
 	workloadidentityv1pb "github.com/gravitational/teleport/api/gen/proto/go/teleport/workloadidentity/v1"
+	"github.com/gravitational/teleport/api/types"
 	apievents "github.com/gravitational/teleport/api/types/events"
 	"github.com/gravitational/teleport/api/utils/keys"
 	"github.com/gravitational/teleport/lib/cryptosuites"
@@ -552,6 +553,39 @@ func TestIdentity_GetUserMetadata(t *testing.T) {
 				UserKind: apievents.UserKind_USER_KIND_HUMAN,
 			},
 		},
+		{
+			name: "user metadata for auth system role",
+			identity: Identity{
+				Username: "system.teleport.name",
+				Groups:   []string{string(types.RoleAuth)},
+			},
+			want: apievents.UserMetadata{
+				User:     "system.teleport.name",
+				UserKind: apievents.UserKind_USER_KIND_SYSTEM,
+			},
+		},
+		{
+			name: "user metadata for discovery system role",
+			identity: Identity{
+				Username: "system.teleport.name",
+				Groups:   []string{string(types.RoleDiscovery)},
+			},
+			want: apievents.UserMetadata{
+				User:     "system.teleport.name",
+				UserKind: apievents.UserKind_USER_KIND_SYSTEM,
+			},
+		},
+		{
+			name: "user metadata for okta system role",
+			identity: Identity{
+				Username: "system.teleport.name",
+				Groups:   []string{string(types.RoleOkta)},
+			},
+			want: apievents.UserMetadata{
+				User:     "system.teleport.name",
+				UserKind: apievents.UserKind_USER_KIND_SYSTEM,
+			},
+		},
 	}
 	for _, test := range tests {
 		t.Run(test.name, func(t *testing.T) {
diff --git a/lib/usagereporter/teleport/aggregating/reporter.go b/lib/usagereporter/teleport/aggregating/reporter.go
index 4f7ed64cebce7..8ede6fb75bccd 100644
--- a/lib/usagereporter/teleport/aggregating/reporter.go
+++ b/lib/usagereporter/teleport/aggregating/reporter.go
@@ -209,6 +209,8 @@ func convertUserKind(v1AlphaUserKind prehogv1alpha.UserKind) prehogv1.UserKind {
 		return prehogv1.UserKind_USER_KIND_BOT
 	case prehogv1alpha.UserKind_USER_KIND_HUMAN:
 		return prehogv1.UserKind_USER_KIND_HUMAN
+	case prehogv1alpha.UserKind_USER_KIND_SYSTEM:
+		return prehogv1.UserKind_USER_KIND_SYSTEM
 	default:
 		return prehogv1.UserKind_USER_KIND_UNSPECIFIED
 	}
diff --git a/lib/usagereporter/teleport/audit.go b/lib/usagereporter/teleport/audit.go
index 4ddf98dff7ac6..bba48bb583020 100644
--- a/lib/usagereporter/teleport/audit.go
+++ b/lib/usagereporter/teleport/audit.go
@@ -55,6 +55,8 @@ func prehogUserKindFromEventKind(eventsKind apievents.UserKind) prehogv1a.UserKi
 		return prehogv1a.UserKind_USER_KIND_BOT
 	case apievents.UserKind_USER_KIND_HUMAN:
 		return prehogv1a.UserKind_USER_KIND_HUMAN
+	case apievents.UserKind_USER_KIND_SYSTEM:
+		return prehogv1a.UserKind_USER_KIND_SYSTEM
 	default:
 		return prehogv1a.UserKind_USER_KIND_UNSPECIFIED
 	}
diff --git a/proto/prehog/v1/teleport.proto b/proto/prehog/v1/teleport.proto
index dc609b8745e4f..50faacf178cec 100644
--- a/proto/prehog/v1/teleport.proto
+++ b/proto/prehog/v1/teleport.proto
@@ -75,6 +75,11 @@ enum UserKind {
   //
   // PostHog property value: "bot"
   USER_KIND_BOT = 2;
+
+  // Indicates that the user associated with this event is a system component e.g. Okta service.
+  //
+  // PostHog property value: "system"
+  USER_KIND_SYSTEM = 3;
 }
 
 // UserOrigin is the origin of a user account.
diff --git a/proto/prehog/v1alpha/teleport.proto b/proto/prehog/v1alpha/teleport.proto
index 9e45919faa1f4..5e51e44fa7f70 100644
--- a/proto/prehog/v1alpha/teleport.proto
+++ b/proto/prehog/v1alpha/teleport.proto
@@ -201,6 +201,11 @@ enum UserKind {
   //
   // PostHog property value: "bot"
   USER_KIND_BOT = 2;
+
+  // Indicates that the user associated with this event is a system component e.g. Okta service.
+  //
+  // PostHog property value: "system"
+  USER_KIND_SYSTEM = 3;
 }
 
 // an event representing one of several audit events: session.start, port,