Warning: This app is archived.

SentinelOne TA (Add-on) for Splunk

The integration of Splunk and SentinelOne empowers organizations to combine the strengths of their Splunk deployments to collect, monitor, analyze and visualize massive streams of machine data, with the visibility, detection, response, remediation and forensics capabilities of SentinelOne.

Latest Version 4.0.0
May 7, 2020
Compatibility
Splunk Enterprise
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
Rating

1

(1)

Support
Not Supported
The SentinelOne TA (Technology Add-on) for Splunk collects the data from the SentinelOne Management Server and maps SentinelOne objects to relevant Splunk CIM (Common Information Models). It enables saved searches and macros from one or more SentinelOne Management Consoles. The SentinelOne App for Splunk is an optional application that runs on the Splunk platform. It has dashboards, saved searches, custom actions, and adaptive response actions, all ready to use as-is on the data collected by the SentinelOne TA, or as examples for further customization.

Categories

IT Operations, Security, Fraud & Compliance

Created By

SentinelOne Singularity

Type

addon

Downloads

2,003
