/
edr.sentinelone
edr.sentinelone
- Juan Tomás Alonso Nieto (Deactivated)
Jul 06, 2022
1 min read
Analytics
Loading data...
[ 1 Introduction ] [ 2 Valid tags and data tables ]
Introduction
The tags beginning with edr.sentinelone identify events generated by Sentinel One's platform.
Valid tags and data tables
The full tag must have 4 levels. The first two are fixed as edr.sentinelone. The third level identifies the type of events sent, and the fourth level indicates the event subtype.
Technology | Brand | Type | Subtype |
|---|---|---|---|
edr | sentinelone |
|
|
These are the valid tags and corresponding data tables that will receive the parsers' data:
Tag | Data table |
|---|---|
edr.sentinelone.agent.threats | edr.sentinelone.agent.threats |
edr.sentinelone.agent.agents | edr.sentinelone.agent.agents |
edr.sentinelone.management.activities | edr.sentinelone.management.activities |
, multiple selections available,
Related content
edr.sentinelone
edr.sentinelone
More like this
endpoint.sentinelone
endpoint.sentinelone
More like this
cef0.sentinelone
cef0.sentinelone
More like this
cef2.sentinelone
cef2.sentinelone
More like this
SentinelOne collector
SentinelOne collector
More like this
Platform content pack: SentinelOne
Platform content pack: SentinelOne
More like this