Back to source list
Official
Premium
SentinelOne source integration documentation
Sync from SentinelOne to any destination
Publisher
cloudquery
Latest version
v3.2.1
Type
Source
Platforms
Date Published
Loading plugin documentation
Sync from SentinelOne to any destination
Publisher
cloudquery
Latest version
v3.2.1
Type
Source
Platforms
Date Published
Loading plugin documentation
CloudQuery's use of cookies
We use tracking cookies to understand how you use the product and help us improve it. Your consent is required before we can enable these cookies. You can opt out via the link in the footer.
cloudquery needs to be authenticated.
An API Token is required for authentication.kind: source
# Common source-plugin configuration
spec:
name: sentinelone
path: cloudquery/sentinelone
registry: cloudquery
version: "v3.2.1"
tables: ["*"]
destinations: ["postgresql"]
# Learn more about the configuration options at https://cql.ink/sentinelone_source
spec:
# required
api_token: "${SENTINELONE_API_TOKEN}"
# required
management_url: "https://domain.sentinelone.net"
# optional: A list of account IDs to filter by. Omit this field to fetch for all account IDs.
# account_ids: [<YOUR_ACCOUNT_ID_1>]
# optional: A list of site IDs to filter by. Omit this field to fetch for all site IDs.
# site_ids: [<YOUR_SITE_ID_1>]
# optional: A list of group IDs to filter by. Omit this field to fetch for all group IDs.
# group_ids: [<YOUR_GROUP_ID_1>]
api_token (string) (required)management_url (string) (required)account_ids ([]string) (default: null)site_ids ([]string) (default: null)group_ids ([]string) (default: null)concurrency (integer) (optional) (default: 10)scheduler (string) (optional) (default: dfs)
The scheduler to use when determining the priority of resources to sync.
Supported values are dfs (depth-first search), round-robin, shuffle and shuffle-queue.table_options (map) (default: null)table_options object is as follows:table_options:
<table_name>:
- <input_object>
<input_object> objects should be provided. The plugin will iterate through these to make multiple API calls.
The following tables are supported:table_options:
sentinelone_installed_applications:
- <Parameters for GET /web/api/v2.1/installed-applications endpoint>
sentinelone_threats:
- <Parameters for GET /web/api/v2.1/threats endpoint>
sentinelone_agent_tags:
- <Parameters for GET /web/api/v2.1/agents/tags endpoint>
Time type, which allows for defining timestamps in both absolute and relative formats.2024-01-01T12:00:00+00:00.nowx seconds [ago|from now]x minutes [ago|from now]x hours [ago|from now]x days [ago|from now]until field:until: nowuntil: 2 days agountil: 10 months 3 days 4h20m from nowuntil: 2024-01-01T12:00:00+00:00