Latest Version 2.1.1
September 17, 2021
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
SentinelOne
This app integrates with the SentinelOne Singularity platform to perform prevention, detection, remediation, and forensic endpoint management tasks
Built by srv-stage-community
Compatibility
Not Available
Platform Version: 5.5, 5.4, 5.3, 5.2, 5.1, 5.0, 4.10, 4.9
Rating
0
(0)
Log in to rate this app
Support
Not Supported
Ranking
#2
in Endpoint
This app integrates with the SentinelOne Singularity platform to perform prevention, detection, remediation, and forensic endpoint management tasks
Supported Actions
- test connectivity: Validate the asset configuration for connectivity using supplied configuration
- block hash: Add a file hash to the global blocklist
- unblock hash: Remove a hash from the global blocklist
- quarantine device: Quarantine an endpoint
- unquarantine device: Unquarantine an endpoint
- mitigate threat: Mitigate an identified threat
- scan endpoint: Scan an endpoint for dormant threats
- get endpoint info: Get detailed information about an endpoint/agent
- get threat info: Get detailed information about a threat
- on poll: Callback action for the on_poll ingest functionality
Categories
Created By
srv-stage-community
Source Code
Type
connector
Licensing
Splunk Answers
Resources
Login to report this app listing