Purpose

This content pack provides five Activeboards pre-configured to process SentinelOne's endpoint and threat detection and response events. The pack covers multiple use cases, including a general overview of the security and threat landscape from an endpoint perspective and the ability to drill down on a per-client basis.

Overview video of the SentinelOne Content Pack: https://www.youtube.com/watch?v=FiJdwylCNgk

Included content

  • Activeboard: SentinelOne Activity Overview
  • Activeboard: SentinelOne Threat Detections
  • Activeboard: SentinelOne Threat Explorer
  • Activeboard: SentinelOne Activity Explorer
  • Activeboard: SentinelOne Agent Status

Open content pack

Each of the items included in the content pack must be accessed separately. To do that, click an item's name in the Included content section to access its card, and then click the Open button at the top right of the card.

...

Use content pack

Each item of a content pack has a specific purpose and use, which depend on the type of content. An item can be a lookup to enrich your data, an Activeboard to visualize and analyze data graphically, an alert with conditions to find anomalous events, or an application for specific operations.