Skip to content

SentinelOne EDR

This guide outlines the steps to integrate SentinelOne logs for monitoring and analysis on our platform.

Option A - Log integration via Syslog TLS

Ensure secure log transmission from SentinelOne to our platform using Syslog over TLS. This guide details the setup process.

Prerequisites

  • Administrative access to SentinelOne.
  • Syslog server setup on your platform with TLS support.

Step 1: Enable Syslog in SentinelOne

  1. Log into the SentinelOne Management Console.
  2. Navigate to Settings > Integrations.
  3. Locate the Syslog configuration section.

example image

Step 2: Configure Syslog with TLS

  1. Select TLS as the protocol.

  2. Specify our syslog server default.main.gallant-williams-0n8kzoz.cribl.cloud and port 6514

  3. Add our platform's TLS certificate. (to be defined)

Troubleshooting & Support

For further assistance, contact our support team at support@secureops.com.