SentinelOne ActiveEDR data source type specifications

When you configure SentinelOne ActiveEDR, understanding the specifications for the SentinelOne ActiveEDR data source type can help ensure a successful integration. For example, knowing what the supported version of SentinelOne ActiveEDR is before you begin can help reduce frustration during the configuration process.

The following table describes the specifications for the SentinelOne ActiveEDR data source type.

Table 1. SentinelOne ActiveEDR data source type specifications
Specification Value
Manufacturer SentinelOne
Data source type SentinelOne ActiveEDR
Connector type

Universal REST API

Event format JSON
Recorded event types Threats
Automatically discovered? No
Includes identity? No
Includes custom properties? No
More information SentinelOne Active EDR (https://www.sentinelone.com/blog/active-edr-feature-spotlight/)