Does this information look incorrect or out-of-date? Please contact us at email@example.com.
SentinelOne is a cloud-based endpoint protection platform that protects against attacks throughout the threat lifecycle, providing prevention, detection, remediation of threats.
Obtain an API token from SentinelOne for a new user with appropriate permissions levels and provide to SOC.OS
- The API access key can be generated in the SentinelOne dashboard.
- Click My User, top right of screen
- Click on API token.
- Copy or Click Download, and save the API token.
- Provide the following details to SOC.OS.
- API token
- Management URL (The management url will usually be in the format https://organisation_name.sentinelone.net/web)
- Confirm API version (usually 2.1)
Creating API token: https://cdocs.sentinelone.net/Splunk/Splunk_and_SentinelOne_Integration_v3.0-en.pdf