SENTINELONE

Instructions for forwarding SentinelOne logs to your Log Management device

PREREQUISITES

SentinelOne
  • SentinelOne cloud-based Portal
  • Administrator Credentials to access the SentinelOne solution
Clone Systems Log Management Device
  • The IP Address for the Clone Systems Log Management device

INSTRUCTIONS

1. Open a browser and navigate to your company’s SentinelOne cloud-based management portal.

https://<Your Domain Name>.sentinelone.net

2. On the sign-in screen of your SentinelOne portal, log in with your Administrator account.

Username: Your Admin username

Password: Your Admin password

Click LOGIN

3. On the SentinelOne management console, click Settings.

Locate the left side menu on the SentinelOne management console.

Click the Settings menu option.

4. On the Settings screen, click USER.

Locate the menu at the top of the Settings page.

Click the USER menu option.

5. On the User page, create a new user that will be configured to log in to the API.

Note: Record the Username and Password.

Click the +User button at the top of the page and fill in the user's details.

Click the CREATE button.

6. Please provide the following values to Clone Systems to complete the configuration for forwarding SentinelOne logs to your Log Management device:

  • The Username
  • The Password
  • The Domain Name for your SentinelOne cloud-based management portal

Note: The Domain Name used to access your SentinelOne portal is typically:

https://<Your Domain Name>.sentinelone.net

Note: The API documentation is available via https://<Your Domain Name>.sentinelone.net/apidoc