Sniffing out well-known threat groups
Updated Aug 13, 2024 - Python
PowerShell module for SentinelOne API
This collection provides several unofficial Ansible modules and roles to use with SentinelOne management consoles
PowerShell wrapper for the SentinelOne API
A userscript that enhances the SentinelOne PowerQuery interface with a custom threat hunting button that follows the website UI / UX design interface.
Scripts run by GitHub Actions that convert Sigma rules to SentinelOne PowerQuery via PySigma.
This project shows a graphical view of the relationships between process executions in a tree format (HTML version)
Installs and configures the SentinelOne client
A community‑driven, SentinelOne‑assisted library of parsers, dashboards, detections & response playbooks that supercharge the Singularity Platform.
Monitoring plugin (Icinga/Nagios compatible) to check the presence of threats on the SentinelOne Cloud service
Docker-based Scalyr (SentinelOne) agent for macOS (Intel & Apple Silicon). Ships host logs by default, easily extended for Docker JSON logs.
s1-collector-install-packages
Containerized—ROOTLESS—syslog-ng service that securely forwards system, firewall, and security logs to SentinelOne's Data Lake via HEC API. Optimized for performance, security, and enterprise deployment.
Stream syslog events directly into SentinelOne AI SIEM using a Dockerized collector. This project offers a clear, step-by-step guide, making it accessible for anyone looking to get started with log ingestion on Ubuntu or Mac (local testing), regardless of prior Linux or Docker experience.
Production-ready Docker syslog collector with multi-source differentiation for SentinelOne SIEM integration
Complete syslog toolkit for SentinelOne SDL; Three solutions: Simple collector; 3-in-1 pipeline; rootless high-performance; Choose based on complexity needs; Docker + official S1 support
Log Volume Calculator (WIP)
Allows SentinelOne device information to be used with Splunk Enterprise Security.