Integration guide for SentinelOne Endpoint Security

SentinelOne Endpoint Security technology provides solutions with three different tiers of functionality, Core, Control and Complete.

⚠️ Warning: This integration requires a UTMStack agent to work properly. Please, make sure you have installed it before you continue.

1. Click on the "Settings" menu in the SentinelOne sidebar.

2. Go to "Integrations" -> "Syslog", and configure SentinelOne Endpoint Security to send logs to a UTMStack agent to ports:

• 7012 TCP

• 7012 UDP

3. Enable log collector

To enable the log collector where you have the UTMStack agent installed, follow the instructions below based on your operating system and preferred protocol.

4. Click on the "Test" button to check connection with UTMStack, and save changes

5. Click on the button shown below, to activate the UTMStack features related to this integration