Connecting to SentinelOne


With BrightGauge’s integration to SentinelOne, you can visualize information related to threats detected and agents by SentinelOne within BrightGauge, and display that information on your dashboards. 

SentinelOne Integration Setup

  1. Navigate to the DATA dropdown.

  2. Select Datasources.

  3. Click Add a New Datasource

  4. Navigate to the Security tab and select SentinelOne

  5. Enter the email address associated with your account in the Name field. 

  6. Enter the subdomain (URL) for your SentinelOne instance in the Subdomain field. Please be sure to exclude the "/" character at the end of your URL. Leaving it would cause both the data source to break and/or dataset authentication errors.

  7. Enter the SentinelOne API Token.
    1. To locate the API token, navigate to SentinelOne.
    2. Select My User.
    3. Click Options.
    4. Select Generate API Token. If this is not the first time you have done this it will say Regenerate API Token.

  8. Click Test Connection

  9. Click Save.

Default Datasets

To locate your datasets, navigate to DATA > Datasets.

  • SentinelOne Agents Mod
  • SentinelOne Threat Info Mod.

SentinelOne Gauges and Dashboards

Once setup is complete you will have access to a list of new gauges displaying information from SentinelOne.

SentinelOne - Threats


SentinelOne - Agents




Was this article helpful?
6 out of 13 found this helpful