Log Forwarding > Cloud Solutions > SentinelOne
SENTINELONE
Instructions for forwarding SentinelOne logs to your Log Management device
PREREQUISITES
SentinelOne
- SentinelOne cloud-based Portal
- Administrator Credentials to access the SentinelOne solution
Clone Systems Log Management Device
- The IP Address for the Clone Systems Log Management device
INSTRUCTIONS
1
Navigate a browser to your company’s SentinelOne cloud-based management portal.
https://<Your Domain Name>.sentinelone.net
2
On the Sign-in screen of your SentinelOne Portal login with your Administrator account.
Username: Your Admin username
Password: Your Admin password
Click LOGIN
3
On the SentinelOne management console, click Settings.
Locate the left side menu on the SentinelOne management console.
Click the Settings menu option.
4
On the Settings screen, click USER.
Locate the menu at the top of the Settings page.
Click the USER menu option.
5
On the User page, create a new User that will be configured to log into the API.
Note: Record the Username and Password.
Click the +User button at the top of the page and fill in the Users details.
Click the CREATE button.
6
Please provide the following values to Clone Systems to complete the configuration for forwarding SentinelOne logs to your Log Management device:
- The Username
- The Password
- The Domain Name for your SentinelOne cloud-based management portal
Note: The Domain Name used to access your SentinelOne portal is typically :
https://<Your Domain Name>.sentinelone.net
Note: The API documentation is available via https://<Your Domain Name>.sentinelone.net/apidoc