...
Log Type | Ingestion label | Preferred Logging Protocol - Format | Log collection method | Data Source |
|---|---|---|---|---|
SentinelOne EDR | SENTINEL_EDR (Raw log telemetry) | Syslog - CEF2 | CyberHub | NA |
Sentinelone Alerts | SENTINELONE_ALERT | API - JSON | C2C | https://cloud.google.com/chronicle/docs/reference/feed-management-api#sentinelone-alert |
...
In some cases, the upgraded version of the device might incorporate TLS support without prior notice. If you come across such a scenario or for further assistance in configuring TLS, we kindly ask you to reach out to your dedicated Adaptive MxDR Service Delivery Lead.
Device Configuration
Please follow the steps below to enable raw log telemetry.
In the SentinelOne management console, at the Account level, navigate to Settings > Notifications
Under Notification Types, select All
Select the Syslog checkbox for each type of Notification.
...