SentinelOne
SentinelOne_Hash_Blacklister
Author: Joe Vasquez
License: AGPL-V3
Version: 1.0
Supported data types:
- thehive:case_artifact
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A
Description
Add SHA1 hash to SentinelOne Blacklist via API v2.1.
Configuration
| s1_console_url |
Console URL |
| Default value if not configured |
N/A |
| Type of the configuration item |
string |
| The configuration item can contain multiple values |
False |
| Is required |
True |
| s1_api_key |
API Key, don't forget this will expire! |
| Default value if not configured |
N/A |
| Type of the configuration item |
string |
| The configuration item can contain multiple values |
False |
| Is required |
True |
| s1_account_id |
Account ID |
| Default value if not configured |
N/A |
| Type of the configuration item |
string |
| The configuration item can contain multiple values |
False |
| Is required |
True |
| s1_blacklist_ostype |
OS type, must be one of the following: macos, windows, linux, or windows_legacy. Default is windows |
| Default value if not configured |
N/A |
| Type of the configuration item |
string |
| The configuration item can contain multiple values |
False |
| Is required |
False |