SentinelOne EDR
This guide outlines the steps to integrate SentinelOne logs for monitoring and analysis on our platform.
Option A - Log integration via Syslog TLS
Ensure secure log transmission from SentinelOne to our platform using Syslog over TLS. This guide details the setup process.
Prerequisites
- Administrative access to SentinelOne.
- Syslog server setup on your platform with TLS support.
Step 1: Enable Syslog in SentinelOne
- Log into the SentinelOne Management Console.
- Navigate to Settings > Integrations.
- Locate the Syslog configuration section.
Step 2: Configure Syslog with TLS
- Select TLS as the protocol.
- Specify our syslog server default.main.gallant-williams-0n8kzoz.cribl.cloud and port 6514.
- Add our platform's TLS certificate (to be defined).
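To confirm the endpoint configured in Step 2 before relying on SentinelOne to deliver events, the following added example (not part of the original guide or of SentinelOne's tooling) opens a certificate-verified TLS connection to the server and port above and sends one test event. It assumes the receiver accepts RFC 5424 messages with RFC 5425 octet-counted framing; the hostname `s1-integration-test`, the app name `tls-check` and the CA file argument are illustrative placeholders, since the platform certificate is still to be defined.

```python
import socket
import ssl
import sys
from datetime import datetime, timezone

HOST = "default.main.gallant-williams-0n8kzoz.cribl.cloud"  # from Step 2
PORT = 6514                                                  # from Step 2


def build_message(text, hostname="s1-integration-test", when=None):
    """Build an RFC 5424 message. PRI 134 = facility local0 (16) * 8 + severity info (6)."""
    when = when or datetime.now(timezone.utc)
    ts = when.strftime("%Y-%m-%dT%H:%M:%SZ")
    # Fields: PRI/version, timestamp, hostname, app-name, procid, msgid, structured-data, msg
    return f"<134>1 {ts} {hostname} tls-check - - - {text}".encode("utf-8")


def frame(msg: bytes) -> bytes:
    """RFC 5425 octet counting: decimal length in bytes, one space, then the message."""
    return str(len(msg)).encode("ascii") + b" " + msg


def send_test_event(cafile=None, host=HOST, port=PORT, timeout=10):
    """Send one framed test event; raises ssl.SSLError if the certificate does not verify.

    cafile: path to the platform's CA certificate (placeholder until it is defined);
    None falls back to the system trust store.
    """
    ctx = ssl.create_default_context(cafile=cafile)  # checks chain and hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            tls.sendall(frame(build_message("SentinelOne syslog TLS connectivity test")))
            # Negotiated protocol and certificate expiry, useful for the integration record
            return tls.version(), tls.getpeercert().get("notAfter")


if __name__ == "__main__":
    ca = sys.argv[1] if len(sys.argv) > 1 else None
    print(send_test_event(ca))
```

A certificate verification error here means the CA file does not match the certificate the endpoint presents; a timeout usually points to an egress firewall rule blocking port 6514.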
Troubleshooting & Support
For further assistance, contact our support team at support@secureops.com.