SentinelOne Ranger
About
SentinelOne Ranger creates visibility into your network by using distributed passive and active mapping techniques to discover running services, unmanaged endpoints, IoT devices, and mobiles.
Why You Should Integrate
Integrating with SentinelOne Ranger will provide visibility into the presence of devices observed by the SentinelOne agent.
How Does the Integration Work
This integration pulls all devices from networks within SentinelOne Ranger that have a minimum 5 agents present.
This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.
Configuration
- Configure plugin: Configure SentinelOne
SentinelOne
Field | Description | Example |
---|---|---|
URL * | The URL used to access the source | usea1-org.sentinelone.net |
API Key * | The API key used to identify the authorization and permissions | *********************** |
Account IDs | (Optional) fetch devices associate with only the specified Account IDs. Comma separated | `12333333333333333,1234444444444444444' |
Site IDs | (Optional) fetch devices associate with only the specified Site IDs. Comma separated | 789,987 |
-
Configure Name: OPTIONAL: You can give the configuration a name to provide an identifiable attribute of the configuration to delineate other similar configurations.
-
Activate Config: To enable this configuration and begin pulling data select "Activate". If you wish to save the configuration to come back later to finish, select "Save Draft". This will save the configuration, but keep it disabled until Activated.
Source Documentation
Creating credentials
You'll be asked to provide source credentials that Sevco will use to connect to SentinelOne. The following steps will guide you in acquiring an API Token.
- Click on your username in the top right corner -> Click My User
- Next to API Token, click "generate".
Required Permissions
The following permissions are required:
The user generating the API key must have at least Viewer permissions.
Contact Us
If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected].
Tags: cloud, epp-edr
Updated 12 months ago