×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
si_CE
Engager
Member since: ‎03-31-2026
‎03-31-2026
Community Statistics
Posts 2
Solutions 0
Karma Given 1
Karma Received 1
Member Since ‎03-31-2026
Activity Feed
View All

Re: SentinelOne API key failing for Splunk App

by in All Apps and Add-ons
‎03-31-2026 11:17 AM
1 Karma
‎03-31-2026 11:17 AM
1 Karma
Auth errors were internal -- we able to use the new JWS token created on sentinel1 under service accounts.  This did not work yesterday, but within 24 hours of bringing it to their attention, so I am not sure what changed.  If I am able to reverse-engineer what was changed, I will post here.  ... View more

SentinelOne API key failing for Splunk App

by in All Apps and Add-ons
‎03-31-2026 07:56 AM
‎03-31-2026 07:56 AM
This recently worked before - From the Sentinel One side - I have access to one of their admin to re-generate keys. They reported that they are unable to provide legacy api tokens for the Splunk App dating back to 2024. We have changed the API key with success as recently as this year.  Upgraded IA-sentinelone_app_for_splunk to 6.0.0  Curl fails from the HF which also worked before. Not likely an app issue, but wondering if a new configuration is required.    Has anyone else encountered something similar? ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎03-31-2026 07:48 AM
Karma from
View All
Karma given to
View All