Powerful threat prediction, prevention, detection, and response along with compliance in a scalable, simple managed solution.
All-in-one networking solution that combines network connectivity, agility, security, and compliance in an affordable managed solution.
Accelerate business growth through our award-winning partner program.
Applies to: SentinelOne
SentinelOne is a next-generation endpoint security product used to protect against all threat vectors. Keep known and unknown malware and other bad programs out of endpoints.
EventTracker collects the events from SentinelOne API and filters it out to get some critical event types for creating reports, dashboards, and alerts. These are considered as knowledge Packs and helps you to analyze and manage the SentinelOne easily.
Flex reports will contain detailed overview of activities like login/ logout, firewall block activity, threat detection activity, and user management activities.
Alerts will be triggered when critical security events like threat detected, an external device connected, suspicious process detected, etc.
The dashboard provides a visual representation of all the activities like top user login, top threat activities, device control activities by the system, etc.
Once events are received into EventTracker, Reports, Knowledge Objects, Categories and Dashboards can be configured into EventTracker.
EventTracker monitors all the SentinelOne events, they are given as below.
Once SentinelOne is configured to deliver events to EventTracker alerts, dashboards, and reports can be configured into EventTracker.
Reports
Alerts
To configure SentinelOne to send logs to EventTracker, refer the How to Guide.
For more information, please refer the SentinelOne Integration guide.