SentinelOne

Official, Premium

Sync from SentinelOne to any destination

Publisher: cloudquery
Latest version: v1.8.1
Type: Source
Price per 1M rows: Starting from $15
Monthly free quota: 1M rows
Set up process

1. Download CLI and login

   brew install cloudquery/tap/cloudquery

   See installation options

2. Create source and destination configs

   Plugin configuration

3. Run the sync

   cloudquery sync sentinelone.yml postgresql.yml

   CloudQuery sync

Overview

The CloudQuery SentinelOne plugin pulls data out of SentinelOne and loads it into any supported CloudQuery destination (e.g. PostgreSQL, BigQuery, Snowflake, and more).

Authentication

To fetch data from SentinelOne, CloudQuery must authenticate with an API token. The example configuration reads the token from the SENTINELONE_API_TOKEN environment variable rather than storing it in the file.

SentinelOne Source Plugin Configuration Reference

Example

This example syncs from SentinelOne to a Postgres destination. The (top level) source spec section is described in the Source Spec Reference.

kind: source
# Common source-plugin configuration
spec:
  name: sentinelone
  path: cloudquery/sentinelone
  registry: cloudquery
  version: "v1.8.1"
  tables:
    - "sentinelone_accounts"
    - "sentinelone_agent_packages"
    - "sentinelone_agents"
    - "sentinelone_export_agents"
    - "sentinelone_installed_applications"
    - "sentinelone_sites"
    - "sentinelone_threats"
    - "sentinelone_threat_notes"
  destinations: ["postgresql"]

  # Learn more about the configuration options at https://cql.ink/sentinelone_source
  spec:
    # required
    api_token: "${SENTINELONE_API_TOKEN}"
    # required
    management_url: "https://domain.sentinelone.net"
    # optional: A list of account IDs to filter by. Omit this field to fetch for all account IDs.
    # account_ids: [<YOUR_ACCOUNT_ID_1>]
    # optional: A list of site IDs to filter by. Omit this field to fetch for all site IDs.
    # site_ids: [<YOUR_SITE_ID_1>]
    # optional: A list of group IDs to filter by. Omit this field to fetch for all group IDs.
    # group_ids: [<YOUR_GROUP_ID_1>]

SentinelOne Spec

This is the (nested) spec used by the SentinelOne source plugin.
  • api_token (string) (required)
    An API Token to access SentinelOne resources.
  • management_url (string) (required)
    Your SentinelOne Management Console URL. With or without a trailing slash.
  • account_ids ([]string) (default: null)
    A list of account IDs to filter the sync results by. Omit this field to fetch for all account IDs.
  • site_ids ([]string) (default: null)
    A list of site IDs to filter the sync results by. Omit this field to fetch for all site IDs.
  • group_ids ([]string) (default: null)
    A list of group IDs to filter the sync results by. Omit this field to fetch for all group IDs.
  • concurrency (integer) (optional) (default: 10)
    The best-effort maximum number of goroutines to use. Lower this number to reduce memory usage.
  • table_options (map) (default: null)
    A set of options to override the defaults for certain tables.
    The format of the table_options object is as follows:
    table_options:
      <table_name>:
        - <input_object>
    A list of <input_object> objects should be provided. The plugin will iterate through these to make multiple API calls. The following tables are supported:
    table_options:
      sentinelone_installed_applications:
        - <Parameters for GET /web/api/v2.1/installed-applications endpoint>
        # Example
        - installedAt__between: "1708815411000-1709074611000"
          size__between: "1024-104856"
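
A pre-sync check for the spec described above, added here as an example and not part of CloudQuery or this plugin: the hypothetical helper check_s1_spec flags a literal api_token, a management_url that is not HTTPS, and table_options for any table other than the one this page lists. It assumes the token is supplied through an environment variable, as in the example config, and reads the file line by line rather than with a YAML parser.

```shell
#!/bin/sh
# Added example: pre-sync lint for a CloudQuery SentinelOne source spec.
# check_s1_spec and spec_value are hypothetical helpers, not cloudquery commands.
# Usage: check_s1_spec sentinelone.yml && cloudquery sync sentinelone.yml postgresql.yml

# Print the value of the first uncommented "key: value" line, quotes stripped.
spec_value() {
  sed -n "s/^[[:space:]]*$2:[[:space:]]*//p" "$1" | tr -d "\"' " | head -n 1
}

# Prints one finding per line; returns 0 when clean, 1 when anything is flagged.
check_s1_spec() {
  spec=$1 rc=0

  # api_token must be an environment reference, never a literal kept in the file.
  token=$(spec_value "$spec" api_token)
  case $token in
    '') echo "api_token: missing"; rc=1 ;;
    '${'*'}')
      var=${token#??}; var=${var%?}
      printenv "$var" >/dev/null || { echo "api_token: \$$var is not set"; rc=1; } ;;
    *) echo "api_token: literal value in file, use \${SENTINELONE_API_TOKEN}"; rc=1 ;;
  esac

  # The token is sent to management_url on every request, so require TLS.
  url=$(spec_value "$spec" management_url)
  case $url in
    https://*) ;;
    '') echo "management_url: missing"; rc=1 ;;
    *) echo "management_url: must start with https://"; rc=1 ;;
  esac

  # The page lists sentinelone_installed_applications as the only table that
  # accepts table_options; flag any other direct child key.
  bad=$(awk '
    /^[ \t]*#/ || !NF { next }
    { s = $0; sub(/^ +/, "", s); ind = length($0) - length(s) }
    in_to && ind <= base { in_to = 0 }
    in_to { if (!child) child = ind
            if (ind == child && $1 != "sentinelone_installed_applications:") print $1 }
    /^ *table_options:/ { base = ind; in_to = 1; child = 0 }
  ' "$spec")
  for key in $bad; do echo "table_options: unsupported table ${key%:}"; rc=1; done

  return $rc
}
```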