Cannot set up the app to be able to create Actions based on alerts. The SentinelOne Add-on (TA_Sentinelone) is configured and information is collected through the console API and forwarded to Splunk, though visible in Splunk Enterprise Security.
However, when I tried to set up the app to be able to configure adaptive response, it does not accept the console token (which, by the way, is the same one used by the TA):
Could not connect to SentinelOne console. Please verify API Token is correct, The management hostname and domain are correct and confirm that the API Version matches your console and SSL Verification configured properly
And I have this at the bottom of the App setup page:
Could not find configuration files /opt/splunk/etc/apps/sentinelone/local/s1consoles.conf , status:
Both the SentinelOne app and add-on are version 3.5.6, Splunk is 7.1.2 and Splunk ES is 5.2.2.
Thanks.