Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Purpose

This content pack provides five Activeboards pre-configured to process SentinelOne's endpoint and threat detection and response events. The pack covers multiple use cases including the creation of a general overview of the security and threats landscape from an end-point perspective as well as the capability to drill-down on a per-client basis.

 Click here to see an overview video of the SentinelOne Content Pack

Included content

Open content pack

Each of the items included in the content pack must be accessed separately. To do that, simply click on their name in the Included contents section to access their cards and then click the Open button at the top right of the card.

Use content pack

Each item of a content pack has a specific purpose and use, which depend on the type of content. They can be a lookup to enrich your data, an Activeboard to visualize and analyze data graphically, an alert with conditions to find anomalous events, or an application for specific operations.

  • No labels