About

SentinelOne Ranger creates visibility into your network by using distributed passive and active mapping techniques to discover running services, unmanaged endpoints, IoT devices, and mobiles.

Why You Should Integrate

Integrating with SentinelOne Ranger will provide visibility into the presence of devices observed by the SentinelOne agent.

How Does the Integration Work

This integration pulls all devices from networks within SentinelOne Ranger that have a minimum 5 agents present.

This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.

Configuration

1. Configure plugin: Configure SentinelOne

SentinelOne

2. Configure Name: OPTIONAL: You can give the configuration a name to provide an identifiable attribute of the configuration to delineate other similar configurations.

3. Activate Config: To enable this configuration and begin pulling data select "Activate". If you wish to save the configuration to come back later to finish, select "Save Draft". This will save the configuration, but keep it disabled until Activated.

Source Documentation

Creating credentials

You'll be asked to provide source credentials that Sevco will use to connect to SentinelOne. The following steps will guide you in acquiring an API Token.

1. Click on your username in the top right corner -> Click My User
2. Next to API Token, click "generate".

Required Permissions

The following permissions are required:
The user generating the API key must have at least Viewer permissions.

Contact Us

If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected].

Tags: cloud, epp-edr