SentinelOne integration

This document outlines the requirements and setup for the SentinelOne integration.

If you’re new to integrations in Rewst, read through our introductory integration documentation here.

What does the SentinelOne integration do?

Our SentinelOne integration enables the automation of endpoint protection. Use the SentinelOne API within Rewst workflows to manage accounts, agents, forensics, and threats.

Set up the SentinelOne integration

Set up steps in SentinelOne

Log in to the SentinelOne management console.
Navigate to Settings > Users.
Click Service Users.
Click Actions > Create New Service User.
Set a name and an expiration date for the account.
Click Next.
Select Account as the access level, then select the parent site.
Set the role to Admin.
Click Create User.
Copy the API key information. Save it in a secure location. You'll need this information for further set up steps in Rewst.

SentinelOne API tokens have an expiration date, typically 6 months out. We suggest setting a reminder for checking and updating the keys to correspond with the expiration timeline.

Set up steps in Rewst

Once you have created an API account, you will need to configure the integration within the Rewst platform.

Follow the below steps to configure a new integration:

Navigate to Configuration > Integrations in the left side menu of your Rewst platform.
Search for SentinelOne in the integrations page.
Click on the integration tile to launch the configuration setup page.
Under Parameters, enter the information copied from SentinelOne into the relevant fields:
1. API Key: The API key that was generated for integration.
2. Domain: This is the full URL to the SentinelOne tenant
Click Save Configuration.
Rewst will do a quick validation of your input. Once completed, you'll see a new section beneath the configuration form for organization mapping. Complete your mapping as desired.

PreviousSaaS Alerts integration NextSlide integration

Last updated 6 days ago

Was this helpful?