Sentinel – SGBox Next Generation SIEM & SOAR https://www.sgbox.eu Next Generation SIEM & SOAR Mon, 10 Mar 2025 09:41:55 +0000 en-US hourly 1 https://wordpress.org/?v=6.8 https://www.sgbox.eu/wp-content/uploads/2025/02/cropped-SGBox-symbol-png-32x32.webp Sentinel – SGBox Next Generation SIEM & SOAR https://www.sgbox.eu 32 32 Syslog configuration on Sentinel https://www.sgbox.eu/en/knowledge-base/syslog-configuration-on-sentinel/ Fri, 07 Feb 2025 14:49:56 +0000 https://www.sgbox.eu/?post_type=epkb_post_type_1&p=29453

Configure Sentinel to send logs to SGBox

Open the SentinelOne Admin Console. Configure SentinelOne to send logs to your Syslog server.

  1. Select your site.
  2.  In the left side menu, click the slider icon [⊶] to open the Settings menu.
  3. Open the INTEGRATIONS tab, and fill in the details: ( 3.1 ): Under Types, select SYSLOG ( 3.2 ): Toggle the button to enable SYSLOG: ( 3.3 ): Host – Enter your public SYSLOG server IP address and port. ( 3.4 ): Formatting – Select CEF. ( 3.5 ): Save your changes.
 
Syslog configuration on Sentinel

If TLS is selected you will need to upload certificates.

Syslog configuration on Sentinel
]]>