Skip to main content
Skip table of contents

SentinelOne Singularity XDR

What is SentinelOne Singularity XDR?

SentinelOne Singularity XDR (formerly SentinelOne) provides detection and response capabilities across multiple security layers, including endpoint, cloud, identity, network, and mobile and provides analytics and automated responses.

Why Should You Use the SentinelOne Singularity XDRConnector?

The SentinelOne Singularity XDR connector provides visibility into the assets in your environment. You can use this visibility to:

  • ensure assets are managed per your security policies

  • derive relationships between assets, users, applications, and data

How Does This Connector Work?

Lucidum executes read-only requests to the SentinelOne Singularity REST API and ingests only meta-data about SentinelOne Singularity XDR devices. Lucidum does not retrieve any data stored on your assets.

Configuring the Connector in Lucidum

Field

Description

Example

URL

The URL for the SentinelOne API.

https://<sentinelone> domain>/web/api/v2.1

Verify SSL.

For future use.

N/A

Filter Application

SentinelOne assigns a risk level to applications ( low, medium, high, critical). If this toggle is “on”, Lucidum ingests data only from applications that have an assigned risk level

By default, this toggle is “off” and Lucidum ingests data from all applications. 

Off

API Token

An API token for a SentinelOne account that has read access to API data.

Source Documentation

Creating Credentials

To generate an API token for the Lucidum connector:

  1. Login to the Management Console for SentinelOne as a user with read access to API data.

  2. In the Management Console, click Settings > USERS.

  3. Click your username.

  4. Click the Edit button.

  5. In Edit User > API Token page, click Generate.

    If you see Revoke and Regenerate, you have already generated a token. Do not select Revoke and Regenerate. If you select the Revoke and Regenerate option, scripts that already use that token will not work.

  6. If you click Generate, SentinelOne displays the token string and the date that the token expires.

  7. Click DOWNLOAD to save the API Token.

API Documentation

https://www.postman.com/api-evangelist/workspace/sentinelone/folder/35240-4612de9e-96ee-4315-befd-17e50f606288

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.