Publisher: cloudquery
Latest version: v1.4.0
Type: Source
Price per 1M rows: Starting from $15
Monthly free quota: 1M rows
Overview
The CloudQuery SentinelOne plugin pulls data out of SentinelOne and loads it into any supported CloudQuery destination (e.g. PostgreSQL, BigQuery, Snowflake).
Authentication
In order to fetch information from SentinelOne, cloudquery needs to be authenticated. An API Token is required for authentication.
SentinelOne Source Plugin Configuration Reference
Example
This example syncs from SentinelOne to a Postgres destination.
The (top level) source spec section is described in the Source Spec Reference.
```yaml
kind: source
# Common source-plugin configuration
spec:
  name: sentinelone
  path: cloudquery/sentinelone
  registry: cloudquery
  version: "v1.4.0"
  tables:
    - "sentinelone_accounts"
    - "sentinelone_agent_packages"
    - "sentinelone_agents"
    - "sentinelone_export_agents"
    - "sentinelone_installed_applications"
    - "sentinelone_sites"
    - "sentinelone_threats"
    - "sentinelone_threat_notes"
  destinations: ["postgresql"]
  spec:
    # required
    api_token: "${SENTINELONE_API_TOKEN}"
    # required
    management_url: "https://domain.sentinelone.net"
    # optional: A list of account IDs to filter by. Omit this field to fetch for all account IDs.
    # account_ids: [<YOUR_ACCOUNT_ID_1>]
    # optional: A list of site IDs to filter by. Omit this field to fetch for all site IDs.
    # site_ids: [<YOUR_SITE_ID_1>]
    # optional: A list of group IDs to filter by. Omit this field to fetch for all group IDs.
    # group_ids: [<YOUR_GROUP_ID_1>]
```
SentinelOne Spec
This is the (nested) spec used by the SentinelOne source plugin.
api_token (string) (required)
An API Token to access SentinelOne resources.

management_url (string) (required)
Your SentinelOne Management Console URL, with or without a trailing slash.

account_ids ([]string) (default: null)
A list of account IDs to filter the sync results by. Omit this field to fetch for all account IDs.

site_ids ([]string) (default: null)
A list of site IDs to filter the sync results by. Omit this field to fetch for all site IDs.

group_ids ([]string) (default: null)
A list of group IDs to filter the sync results by. Omit this field to fetch for all group IDs.

concurrency (integer) (optional) (default: 10)
The best-effort maximum number of goroutines to use. Lower this number to reduce memory usage.
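A pre-sync check for the spec options described above, as an added example (not CloudQuery's own code): it flags an api_token written into the file instead of referenced as `${ENV_VAR}`, a management_url that is not HTTPS, and a spec with no ID filter, which syncs everything the token can read. The names `lint_spec` and `BAD_SPEC` are hypothetical, the sample spec is constructed, and the line-based parsing assumes the simple key/value layout of the example on this page.

```python
import re
from urllib.parse import urlparse

# Constructed sample: same keys as the example spec, with a placeholder literal
# token and a plain-http URL so that every check fires.
BAD_SPEC = '''\
kind: source
spec:
  name: sentinelone
  path: cloudquery/sentinelone
  version: "v1.4.0"
  destinations: ["postgresql"]
  spec:
    api_token: "PLACEHOLDER-LITERAL-TOKEN"
    management_url: "http://domain.sentinelone.net"
    # site_ids: [<YOUR_SITE_ID_1>]
'''

ENV_REF = re.compile(r'^\$\{[A-Za-z_][A-Za-z0-9_]*\}$')  # e.g. ${SENTINELONE_API_TOKEN}
KEY_LINE = re.compile(r'^\s*([a-z_]+):\s*(.*?)\s*$')
FILTERS = ("account_ids", "site_ids", "group_ids")
UNSET = ("", "[]", "null", "~")

def lint_spec(text):
    """Return a list of findings for a SentinelOne source spec given as text."""
    values, last = {}, None
    for line in text.splitlines():
        s = line.strip()
        if not s or s.startswith("#"):
            continue  # commented-out options are not in effect
        m = KEY_LINE.match(line)
        if m:
            last = m.group(1)
            values[last] = m.group(2).strip('"\'')
        elif s.startswith("- ") and last:
            values[last] += s  # block-style list item belongs to the previous key
    findings = []
    if not ENV_REF.match(values.get("api_token", "")):
        findings.append("api_token is not a ${ENV_VAR} reference")
    url = urlparse(values.get("management_url", ""))
    if url.scheme != "https" or not url.hostname:
        findings.append("management_url is not an https:// URL")
    if all(values.get(k, "") in UNSET for k in FILTERS):
        findings.append("no account/site/group filter: sync covers all IDs the token can read")
    return findings

if __name__ == "__main__":
    print("\n".join(lint_spec(BAD_SPEC)))
```

Running a check like this in CI before `cloudquery sync` keeps the token out of version control, since the spec file itself then carries only the variable name.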