About the Device

SentinelOne is an endpoint security platform that prevents, detects, responds to and hunts for threats in the context of all enterprise assets. It is available with cloud-hosted or on-premise management, supports endpoints that are offline, and exposes a REST API, which is what this integration uses to pull alerts.

When the agent detects a potential threat, the platform can automatically start incident response workflows such as isolating the affected endpoint, blocking malicious traffic and alerting the security team, which reduces the time to detect and respond to an incident. This feed ingests those detections (alerts/threats) into Chronicle.

Device Information

Entity         | Particulars
Vendor Name    | SentinelOne
Product Name   | EDR (Alert)
Type of Device | Hosted

Collection Method

Log Type           | Ingestion label   | Preferred Logging Protocol - Format | Log collection method | Data Source
SentinelOne Alerts | SENTINELONE_ALERT | API - JSON                          | C2C (cloud-to-cloud)  | https://cloud.google.com/chronicle/docs/reference/feed-management-api#sentinelone-alert

Device Configuration

For log collection, two values are needed from the customer and both go into the feed (sensor) configuration: the FQDN of the SentinelOne API (the management console hostname) and an API token generated for a user in that console.

Steps to create the API token:

Prerequisite: a user in the SentinelOne Management Console with the Viewer role assigned. A read-only role is sufficient because the feed only reads alerts; do not generate the token from an administrator account.

  1. Log in to the SentinelOne Management Console, click the user name in the top-right corner and select My User.

  2. A pop-up window is displayed in the browser.

  3. Click Generate API Token.

  4. Copy the API token and store it in a secrets manager. It grants the API permissions of the user it was generated for, so treat it like a password and never paste it into tickets or chat.

Integration Parameters

Parameter Display Name      | Default Value | Description
AUTHENTICATION HTTP HEADERS | N/A           | The HTTP header used to authenticate to the SentinelOne alerts/threats and static-indicator API, in "key:value" format. Eg- Authorization: ApiToken {apiToken}
API HOSTNAME                | N/A           | The fully qualified domain name of your SentinelOne API (hostname only, no scheme or path). Eg- xxxx-xxx.sentinelone.net
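The two parameters above, together with the token-generation steps under Device Configuration, are the whole of what this feed needs, and most integration failures come from a malformed hostname (a full URL or a typo such as the double dot in the page's placeholder) or a token pasted with the wrong header prefix. The following is an added example, not code from the page, from SentinelOne or from Chronicle: it normalises the API HOSTNAME value, builds the AUTHENTICATION HTTP HEADERS value in the required "key:value" form, redacts the token for logs, and optionally probes the tenant. Assumptions, also marked in the code: the hostname pattern is derived from the page's own placeholder (xxxx-xxx.sentinelone.net), the probe endpoint /web/api/v2.1/threats is assumed, and every hostname and token in the block is constructed.

```python
"""Sanity-check the two values the Chronicle SentinelOne alert feed needs.

Added example; this is not code from the page, from SentinelOne or from
Chronicle. Assumptions: the hostname pattern is derived from the page's own
placeholder (xxxx-xxx.sentinelone.net), the probe endpoint
/web/api/v2.1/threats is assumed, and every token below is constructed.
"""
import json
import re
import urllib.request
from urllib.error import HTTPError, URLError

# A SentinelOne API FQDN: DNS labels ending in .sentinelone.net, no scheme, no path.
_HOST_RE = re.compile(r"^(?!-)[a-z0-9-]+(\.[a-z0-9-]+)*\.sentinelone\.net$", re.I)


def validate_hostname(hostname):
    """Return the bare FQDN for the API HOSTNAME parameter, or raise ValueError.

    Operators often paste the console URL; strip the scheme and trailing slash
    so the feed gets a hostname rather than a URL, and reject malformed names
    such as the double-dot typo 'xxxx-xxx..sentinelone.net'.
    """
    host = hostname.strip()
    for prefix in ("https://", "http://"):
        if host.lower().startswith(prefix):
            host = host[len(prefix):]
    host = host.rstrip("/")
    if ".." in host or not _HOST_RE.match(host):
        raise ValueError(f"not a SentinelOne API FQDN: {hostname!r}")
    return host


def build_auth_header(api_token):
    """Return the AUTHENTICATION HTTP HEADERS value in the 'key:value' form
    the feed expects: 'Authorization: ApiToken <token>'."""
    token = api_token.strip()
    if not token or any(ch.isspace() for ch in token):
        raise ValueError("API token must be a single non-empty string")
    return f"Authorization: ApiToken {token}"


def parse_auth_header(header):
    """Split a 'key:value' header string into (name, value)."""
    name, sep, value = header.partition(":")
    if not sep or not name.strip() or not value.strip():
        raise ValueError("header must be in 'key:value' format")
    return name.strip(), value.strip()


def redact(header):
    """Mask the token so the header can be pasted into tickets or logs.

    The token carries the Viewer user's full API access; only the last four
    characters are kept, which is enough to tell two tokens apart.
    """
    name, value = parse_auth_header(header)
    scheme, _, token = value.partition(" ")
    return f"{name}: {scheme} {'*' * max(len(token) - 4, 0)}{token[-4:]}"


def probe(hostname, header, timeout=10):
    """Live connectivity check (needs network): pull one threat record.

    Uses the assumed endpoint /web/api/v2.1/threats with limit=1 and maps the
    common failures to actionable messages. Returns a short status string.
    """
    url = f"https://{validate_hostname(hostname)}/web/api/v2.1/threats?limit=1"
    name, value = parse_auth_header(header)
    req = urllib.request.Request(url, headers={name: value, "Accept": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            body = json.load(resp)
    except HTTPError as err:
        if err.code == 401:
            return "401: token rejected, regenerate it under My User"
        if err.code == 403:
            return "403: user lacks the Viewer role for threats"
        return f"HTTP {err.code} from {url}"
    except URLError as err:
        return f"cannot reach {url}: {err.reason}"
    count = len(body.get("data", []))
    return f"ok: {count} threat record(s) returned with {redact(header)}"


if __name__ == "__main__":
    # Constructed sample values; replace with the customer's real FQDN and token.
    sample_host = "https://xxxx-xxx.sentinelone.net/"
    sample_token = "constructed-sample-token-1234"
    hdr = build_auth_header(sample_token)
    print("API HOSTNAME:", validate_hostname(sample_host))
    print("AUTHENTICATION HTTP HEADERS:", redact(hdr))
    # print(probe(sample_host, hdr))  # uncomment to test against a real tenant
```

Run the script before filling in the feed: the two printed lines are exactly what goes into API HOSTNAME and (unredacted) AUTHENTICATION HTTP HEADERS. The probe is left commented out because it talks to the tenant; when it is used, a 401 means the token itself is wrong and a 403 means the user behind the token lacks the Viewer role described above.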
